VYPR

EVlink Parking EVW2 / EVF2 / EVP2PE

by Schneider Electric

CVEs (2)

  • CVE-2021-22820CriJan 28, 2022
    risk 0.64cvss 9.8epss 0.01

    A CWE-614 Insufficient Session Expiration vulnerability exists that could allow an attacker to maintain an unauthorized access over a hijacked session to the charger station web server even after the legitimate user account holder has changed his password. Affected Products:…

  • CVE-2021-22724HigJan 28, 2022
    risk 0.57cvss 8.8epss 0.00

    A CVE-352 Cross-Site Request Forgery (CSRF) vulnerability exists that could allow an attacker to impersonate the user or carry out actions on their behalf when crafted malicious parameters are submitted in POST requests sent to the charging station web server. Affected Products:…

VYPR — Vulnerability Intelligence