VYPR

Chargingpoints

by Mennekes

CVEs (3)

  • CVE-2025-22368HigMar 11, 2025
    risk 0.57cvss epss 0.01

    The authenticated SCU firmware command of the firmware for Mennekes Smart / Premium Chargingpoints can be abused for command execution because OS commands are improperly neutralized when certain fields are passed to the underlying OS.

  • CVE-2025-22366HigMar 11, 2025
    risk 0.57cvss epss 0.01

    The authenticated firmware update capability of the firmware for Mennekes Smart / Premium Chargingpoints can be abused for command execution because OS command are improperly neutralized when certain fields are passed to the underlying OS.

  • CVE-2025-22370MedMar 11, 2025
    risk 0.34cvss epss 0.00

    Many fields for the web configuration interface of the firmware for Mennekes Smart / Premium Chargingpoints can be abused to execute arbitrary SQL commands because the values are insufficiently neutralized.