CVE-2021-22706

🗓️ 21 Jul 2021 10:41:41Reported by schneiderType

CVE-2021-22706 CWE-79 vulnerability in Schneider Electric EVlink product

Reporter	Title	Published	Views	Family All 7
BDU FSTEC	Vulnerability of EVlink City’s parking charging station software. EVlink Parking and EVlink Smart Wallbox are vulnerable due to the lack of measures taken to protect the website structure, allowing attackers to impersonate users who control the charging stations.	22 May 202300:00	–	bdu_fstec
CNNVD	EVlink City、EVlink Parking 和 EVlink Smart Wallbox 跨站脚本漏洞	21 Jul 202100:00	–	cnnvd
CVE	CVE-2021-22706	21 Jul 202110:41	–	cve
EUVD	EUVD-2021-9841	3 Oct 202520:07	–	euvd
NVD	CVE-2021-22706	21 Jul 202115:15	–	nvd
Prion	Cross site scripting	21 Jul 202115:15	–	prion
RedhatCVE	CVE-2021-22706	9 Jan 202611:20	–	redhatcve

[
  {
    "product": "EVlink City (EVC1S22P4 / EVC1S7P4 all versions prior to R8 V3.4.0.1), EVlink Parking (EVW2 / EVF2 / EV.2 all versions prior to R8 V3.4.0.1), and EVlink Smart Wallbox (EVB1A all versions prior to R8 V3.4.0.1 )",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "EVlink City (EVC1S22P4 / EVC1S7P4 all versions prior to R8 V3.4.0.1), EVlink Parking (EVW2 / EVF2 / EV.2 all versions prior to R8 V3.4.0.1), and EVlink Smart Wallbox (EVB1A all versions prior to R8 V3.4.0.1 )"
      }
    ]
  }
]

Source	Link
download	www.download.schneider-electric.com/files

21 Jul 2021 10:41Current

6.4Medium risk

Vulners AI Score6.4

EPSS0.00285

CWE-79