EVlink Parking EVW2 / EVF2 / EVP2PE
CVEs (3)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-22822 | 0.00 | — | 0.00 | Jan 28, 2022 | A CWE-79 Improper Neutralization of Input During Web Page Generation (�Cross-site Scripting�) vulnerability exists that could allow an attacker to impersonate the user who manages the charging station or carry out actions on their behalf when crafted malicious parameters are… | |||
| CVE-2021-22821 | 0.00 | — | 0.00 | Jan 28, 2022 | A CWE-918 Server-Side Request Forgery (SSRF) vulnerability exists that could cause the station web server to forward requests to unintended network targets when crafted malicious parameters are submitted to the charging station web server. Affected Products: EVlink City… | |||
| CVE-2021-22820 | 0.00 | — | 0.01 | Jan 28, 2022 | A CWE-614 Insufficient Session Expiration vulnerability exists that could allow an attacker to maintain an unauthorized access over a hijacked session to the charger station web server even after the legitimate user account holder has changed his password. Affected Products:… |
- CVE-2021-22822Jan 28, 2022risk 0.00cvss —epss 0.00
A CWE-79 Improper Neutralization of Input During Web Page Generation (�Cross-site Scripting�) vulnerability exists that could allow an attacker to impersonate the user who manages the charging station or carry out actions on their behalf when crafted malicious parameters are…
- CVE-2021-22821Jan 28, 2022risk 0.00cvss —epss 0.00
A CWE-918 Server-Side Request Forgery (SSRF) vulnerability exists that could cause the station web server to forward requests to unintended network targets when crafted malicious parameters are submitted to the charging station web server. Affected Products: EVlink City…
- CVE-2021-22820Jan 28, 2022risk 0.00cvss —epss 0.01
A CWE-614 Insufficient Session Expiration vulnerability exists that could allow an attacker to maintain an unauthorized access over a hijacked session to the charger station web server even after the legitimate user account holder has changed his password. Affected Products:…