Igl-technologies Eparking.fi
4 CVEs affecting Igl-technologies Eparking.fi. Latest disclosed: 2026-03-20. Critical: 1, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-29796 | Critical | 9.4 | 2026-03-20 | WebSocket endpoints lack proper authentication mechanisms, enabling attackers to perform unauthorized station impersonation and manipulate data sent to the bac… |
CVE-2026-31903 | High | 7.5 | 2026-03-20 | The WebSocket Application Programming Interface lacks restrictions on the number of authentication requests. This absence of rate limiting may allow an attacke… |
CVE-2026-32663 | High | 7.3 | 2026-03-20 | The WebSocket backend uses charging station identifiers to uniquely associate sessions but allows multiple endpoints to connect using the same session identifi… |
CVE-2026-31926 | Medium | 6.5 | 2026-03-20 | Charging station authentication identifiers are publicly accessible via web-based mapping platforms. |