269 matches found
CVE-2021-22730
A CWE-798: Use of Hard-coded Credentials vulnerability exists in EVlink City EVC1S22P4 / EVC1S7P4 all versions prior to R8 V3.4.0.1, EVlink Parking EVW2 / EVF2 / EV.2 all versions prior to R8 V3.4.0.1, and EVlink Smart Wallbox EVB1A all versions prior to R8 V3.4.0.1 that could an attacker to gain...
CVE-2021-22730
The CVE-2021-22730 issue affects Schneider Electric EVlink City (EVC1S22P4 / EVC1S7P4), EVlink Parking (EVW2 / EVF2 / EV.2), and EVlink Smart Wallbox (EVB1A) where all versions before R8 V3.4.0.1 are vulnerable to CWE-798 (Use of Hard-coded Credentials). This could allow an attacker to gain unaut...
CVE-2021-22729
A CWE-259: Use of Hard-coded Password vulnerability exists in EVlink City EVC1S22P4 / EVC1S7P4 all versions prior to R8 V3.4.0.1, EVlink Parking EVW2 / EVF2 / EV.2 all versions prior to R8 V3.4.0.1, and EVlink Smart Wallbox EVB1A all versions prior to R8 V3.4.0.1 that could allow an attacker to...
CVE-2021-22729
The CVE-2021-22729 entry affects Schneider Electric EVlink City (EVC1S22P4 / EVC1S7P4), EVlink Parking (EVW2 / EVF2 / EV.2), and EVlink Smart Wallbox (EVB1A) all versions prior to R8 V3.4.0.1. The root cause is CWE-259: Use of Hard-coded Password, enabling an attacker to gain unauthorized adminis...
CVE-2021-22728
The CVE-2021-22728 entry concerns a CWE-200 information exposure vulnerability in Schneider Electric EVlink devices: EVlink City (EVC1S22P4 / EVC1S7P4), EVlink Parking (EVW2 / EVF2 / EV.2), and EVlink Smart Wallbox (EVB1A) with all versions prior to R8 V3.4.0.1. The flaw could disclose encrypted ...
CVE-2021-22728
A CWE-200: Information Exposure vulnerability exists in EVlink City EVC1S22P4 / EVC1S7P4 all versions prior to R8 V3.4.0.1, EVlink Parking EVW2 / EVF2 / EV.2 all versions prior to R8 V3.4.0.1, and EVlink Smart Wallbox EVB1A all versions prior to R8 V3.4.0.1 that could cause disclosure of encrypte...
CVE-2021-22727
A CWE-331: Insufficient Entropy vulnerability exists in EVlink City EVC1S22P4 / EVC1S7P4 all versions prior to R8 V3.4.0.1, EVlink Parking EVW2 / EVF2 / EV.2 all versions prior to R8 V3.4.0.1, and EVlink Smart Wallbox EVB1A all versions prior to R8 V3.4.0.1 that could allow an attacker to gain...
CVE-2021-22727
CVE-2021-22727 affects Schneider Electric EVlink City (EVC1S22P4 / EVC1S7P4), EVlink Parking (EVW2 / EVF2 / EV.2), and EVlink Smart Wallbox (EVB1A) with all versions prior to R8 V3.4.0.1. The issue is CWE-331: Insufficient Entropy, enabling an attacker to gain unauthorized access to the charging ...
CVE-2021-22726
A CWE-918: Server-Side Request Forgery SSRF vulnerability exists in EVlink City EVC1S22P4 / EVC1S7P4 all versions prior to R8 V3.4.0.1, EVlink Parking EVW2 / EVF2 / EV.2 all versions prior to R8 V3.4.0.1, and EVlink Smart Wallbox EVB1A all versions prior to R8 V3.4.0.1 that could allow an attacke...
CVE-2021-22726
CVE-2021-22726 describes a CWE-918 SSRF vulnerability in Schneider Electric EVlink City (EVC1S22P4 / EVC1S7P4), EVlink Parking (EVW2 / EVF2 / EV.2), and EVlink Smart Wallbox (EVB1A) prior to R8 V3.4.0.1. The issue allows crafted malicious parameters to trigger unintended actions or data access vi...
CVE-2021-22722
The CVE-2021-22722 issue affects Schneider Electric EVlink products: EVlink City (EVC1S22P4/EVC1S7P4), EVlink Parking (EVW2/EVF2/EV.2), and EVlink Smart Wallbox (EVB1A) prior to R8 V3.4.0.1, due to CWE-79 Stored XSS from improper input neutralization when importing CSV files or changing station p...
CVE-2021-22722
A CWE-79: Improper Neutralization of Input During Web Page Generation 'Stored Cross-site Scripting' vulnerability exists in EVlink City EVC1S22P4 / EVC1S7P4 all versions prior to R8 V3.4.0.1, EVlink Parking EVW2 / EVF2 / EV.2 all versions prior to R8 V3.4.0.1, and EVlink Smart Wallbox EVB1A all...
CVE-2021-22721
A CWE-200: Information Exposure vulnerability exists in EVlink City EVC1S22P4 / EVC1S7P4 all versions prior to R8 V3.4.0.1, EVlink Parking EVW2 / EVF2 / EV.2 all versions prior to R8 V3.4.0.1, and EVlink Smart Wallbox EVB1A all versions prior to R8 V3.4.0.1 that could allow an attacker to get...
CVE-2021-22721
CVE-2021-22721 affects Schneider Electric EVlink City (EVC1S22P4 / EVC1S7P4), EVlink Parking (EVW2 / EVF2 / EV.2), and EVlink Smart Wallbox (EVB1A) with all versions prior to R8 V3.4.0.1. The vulnerability is an information-disclosure issue caused by crafted parameters submitted to the charging s...
CVE-2021-22708
A CWE-347: Improper Verification of Cryptographic Signature vulnerability exists in EVlink City EVC1S22P4 / EVC1S7P4 all versions prior to R8 V3.4.0.1, EVlink Parking EVW2 / EVF2 / EV.2 all versions prior to R8 V3.4.0.1, and EVlink Smart Wallbox EVB1A all versions prior to R8 V3.4.0.1 that could...
CVE-2021-22708
CVE-2021-22708 affects Schneider Electric EVlink charging stations, including EVlink City (EVC1S22P4/EVC1S7P4), EVlink Parking (EVW2/EVF2/EV.2) and EVlink Smart Wallbox (EVB1A). The root cause is improper verification of cryptographic signatures, allowing a crafted malicious firmware package to b...
CVE-2021-22707
A CWE-798: Use of Hard-coded Credentials vulnerability exists in EVlink City EVC1S22P4 / EVC1S7P4 all versions prior to R8 V3.4.0.1, EVlink Parking EVW2 / EVF2 / EV.2 all versions prior to R8 V3.4.0.1, and EVlink Smart Wallbox EVB1A all versions prior to R8 V3.4.0.1 that could allow an attacker t...
CVE-2021-22707
The CVE-2021-22707 entry describes a hard-coded credentials vulnerability in Schneider Electric EVlink devices (City, Parking, Smart Wallbox) with versions prior to R8 V3.4.0.1. The concrete details from connected sources (e.g., NUCLEI template) indicate an authentication bypass vulnerability tha...
CVE-2021-22706
A CWE-79: Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability exists in EVlink City EVC1S22P4 / EVC1S7P4 all versions prior to R8 V3.4.0.1, EVlink Parking EVW2 / EVF2 / EV.2 all versions prior to R8 V3.4.0.1, and EVlink Smart Wallbox EVB1A all versions...
CVE-2021-22706
The CVE-2021-22706 issue is a Cross-site Scripting (CWE-79) vulnerability affecting Schneider Electric EVlink City (EVC1S22P4 / EVC1S7P4), EVlink Parking (EVW2 / EVF2 / EV.2), and EVlink Smart Wallbox (EVB1A). The root cause is improper neutralization of input during web page generation in the ch...