Medium severityNVD Advisory· Published Mar 11, 2025· Updated Apr 15, 2026

CVE-2025-22370

Description

Many fields for the web configuration interface of the firmware for Mennekes Smart / Premium Chargingpoints can be abused to execute arbitrary SQL commands because the values are insufficiently neutralized.

Affected products

Mennekes/Smart / Premium Chargingpointsllm-fuzzy

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

csirt.divd.nl/CVE-2025-22370nvd
csirt.divd.nl/DIVD-2025-00003nvd
www.mennekes.nl/fileadmin/MEN-Deutschland/emobility/04_software/06_smart_premium/Release_Notes_for_2.15_06.03.2025.pdfnvd

News mentions

No linked articles in our index yet.

cvss	0.260
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000