CISA Releases Nine Industrial Control Systems Advisories

CISA released nine Industrial Control Systems ICS advisories on July 22, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-203-01 DuraComm DP-10iN-100-MU ICSA-25-203-02 Lantronix Provisioning Manager...

Schneider Electric EVLink WallBox Operating System Command Injection Vulnerability

The Schneider Electric EVLink WallBox is a home charging station from the French company Schneider Electric. The Schneider Electric EVLink WallBox suffers from an operating system command injection vulnerability that originates from improper neutralization of special elements in OS commands, whic...

Schneider Electric EVLink WallBox Path Traversal Vulnerability

The Schneider Electric EVLink WallBox is a home charging station from the French company Schneider Electric. The Schneider Electric EVLink WallBox suffers from a path traversal vulnerability that stems from improperly restricted pathnames, which can be exploited by an attacker to cause arbitrary...

Schneider Electric EVLink WallBox Cross-Site Scripting Vulnerability

The Schneider Electric EVLink WallBox is a home charging station from the French company Schneider Electric. A cross-site scripting vulnerability exists in the Schneider Electric EVLink WallBox that stems from improper input neutralization during web page generation, no details of the vulnerabili...

Schneider Electric EVLink WallBox 路径遍历漏洞

The Schneider Electric EVLink WallBox is a home charging station from the French company Schneider Electric. The Schneider Electric EVLink WallBox suffers from a path traversal vulnerability that stems from improperly restricted pathnames, which can be exploited by an attacker to cause arbitrary...

PT-2025-24623 · Schneider Electric · Evlink Wallbox

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: A Path Traversal vulnerability exists, which could cause arbitrary file reads from the charging station. The exploitation of this vulnerability requires an authenticated session of the web...

Schneider Electric EVLink WallBox 路径遍历漏洞

The Schneider Electric EVLink WallBox is a home charging station from the French company Schneider Electric. The Schneider Electric EVLink WallBox suffers from a path traversal vulnerability that stems from improperly restricted pathnames, which can be exploited by an attacker to cause arbitrary...

PT-2025-24622 · Schneider Electric · Evlink Wallbox

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: A Path Traversal vulnerability exists, which could cause arbitrary file writes when an unauthenticated user on the web server manipulates the file path. This issue is related to the improper...

Schneider Electric EVLink WallBox 操作系统命令注入漏洞

The Schneider Electric EVLink WallBox is a home charging station from the French company Schneider Electric. The Schneider Electric EVLink WallBox suffers from an operating system command injection vulnerability that originates from improper neutralization of special elements in OS commands, whic...

PT-2025-24624 · Schneider Electric · Evlink Wallbox

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: A Cross-site Scripting issue exists when an authenticated user modifies configuration parameters on the web server. This occurs due to improper neutralization of input during web page...

Schneider Electric EVLink WallBox 跨站脚本漏洞

The Schneider Electric EVLink WallBox is a home charging station from the French company Schneider Electric. A cross-site scripting vulnerability exists in the Schneider Electric EVLink WallBox that stems from improper input neutralization during web page generation, no details of the vulnerabili...

CVE-2021-22726

A CWE-918: Server-Side Request Forgery SSRF vulnerability exists in EVlink City EVC1S22P4 / EVC1S7P4 all versions prior to R8 V3.4.0.1, EVlink Parking EVW2 / EVF2 / EV.2 all versions prior to R8 V3.4.0.1, and EVlink Smart Wallbox EVB1A all versions prior to R8 V3.4.0.1 that could allow an attacke...

VulnCheck KEV: CVE-2021-22707

A CWE-798: Use of Hard-coded Credentials vulnerability exists in EVlink City EVC1S22P4 / EVC1S7P4 all versions prior to R8 V3.4.0.1, EVlink Parking EVW2 / EVF2 / EV.2 all versions prior to R8 V3.4.0.1, and EVlink Smart Wallbox EVB1A all versions prior to R8 V3.4.0.1 that could allow an...

CVE-2021-22774

A CWE-759: Use of a One-Way Hash without a Salt vulnerability exists in EVlink City EVC1S22P4 / EVC1S7P4 all versions prior to R8 V3.4.0.1, EVlink Parking EVW2 / EVF2 / EV.2 all versions prior to R8 V3.4.0.1, and EVlink Smart Wallbox EVB1A all versions prior to R8 V3.4.0.1 that could lead an...

CVE-2021-22708

A CWE-347: Improper Verification of Cryptographic Signature vulnerability exists in EVlink City EVC1S22P4 / EVC1S7P4 all versions prior to R8 V3.4.0.1, EVlink Parking EVW2 / EVF2 / EV.2 all versions prior to R8 V3.4.0.1, and EVlink Smart Wallbox EVB1A all versions prior to R8 V3.4.0.1 that could...