SQL Injection in Mennekes Smart / Premium Charging Stations

CVE-2025-22370

Many fields for the web configuration interface of the firmware for Mennekes Smart / Premium Chargingpoints can be abused to execute arbitrary SQL commands because the values are insufficiently neutralized.

Vulnerability class: SQL Injection

EPSS: 0.004 (31.0th percentile) — read the EPSS interpretation.

Affected products

Weakness classification (CWE)

References