Schneider-electric Evlink_parking_ev.2_firmware

13 CVEs affecting Schneider-electric Evlink_parking_ev.2_firmware. Latest disclosed: 2021-07-21. Critical: 4, High: 3.

Top CVEs affecting Schneider-electric Evlink_parking_ev.2_firmware
CVESeverityScorePublishedSummary
CVE-2021-22730Critical9.82021-07-21A CWE-798: Use of Hard-coded Credentials vulnerability exists in EVlink City (EVC1S22P4 / EVC1S7P4 all versions prior to R8 V3.4.0.1), EVlink Parking (EVW2 / E…
CVE-2021-22729Critical9.82021-07-21A CWE-259: Use of Hard-coded Password vulnerability exists in EVlink City (EVC1S22P4 / EVC1S7P4 all versions prior to R8 V3.4.0.1), EVlink Parking (EVW2 / EVF2…
CVE-2021-22727Critical9.82021-07-21A CWE-331: Insufficient Entropy vulnerability exists in EVlink City (EVC1S22P4 / EVC1S7P4 all versions prior to R8 V3.4.0.1), EVlink Parking (EVW2 / EVF2 / EV…
CVE-2021-22707Critical9.82021-07-21A CWE-798: Use of Hard-coded Credentials vulnerability exists in EVlink City (EVC1S22P4 / EVC1S7P4 all versions prior to R8 V3.4.0.1), EVlink Parking (EVW2 / E…
CVE-2021-22726High8.12021-07-21A CWE-918: Server-Side Request Forgery (SSRF) vulnerability exists in EVlink City (EVC1S22P4 / EVC1S7P4 all versions prior to R8 V3.4.0.1), EVlink Parking (EVW…
CVE-2021-22774High7.52021-07-21A CWE-759: Use of a One-Way Hash without a Salt vulnerability exists in EVlink City (EVC1S22P4 / EVC1S7P4 all versions prior to R8 V3.4.0.1), EVlink Parking (E…
CVE-2021-22708High7.22021-07-21A CWE-347: Improper Verification of Cryptographic Signature vulnerability exists in EVlink City (EVC1S22P4 / EVC1S7P4 all versions prior to R8 V3.4.0.1), EVlin…
CVE-2021-22773Medium6.52021-07-21A CWE-620: Unverified Password Change vulnerability exists in EVlink City (EVC1S22P4 / EVC1S7P4 all versions prior to R8 V3.4.0.1), EVlink Parking (EVW2 / EVF2…
CVE-2021-22728Medium6.52021-07-21A CWE-200: Information Exposure vulnerability exists in EVlink City (EVC1S22P4 / EVC1S7P4 all versions prior to R8 V3.4.0.1), EVlink Parking (EVW2 / EVF2 / EV…
CVE-2021-22723Medium6.12021-07-21A CWE-79: Improper Neutralization of Input During Web Page Generation (Cross-siteScripting) through Cross-Site Request Forgery (CSRF) vulnerability exists in E…
CVE-2021-22706Medium6.12021-07-21A CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability exists in EVlink City (EVC1S22P4 / EVC1S7P4 all ve…
CVE-2021-22722Medium5.42021-07-21A CWE-79: Improper Neutralization of Input During Web Page Generation ('Stored Cross-site Scripting') vulnerability exists in EVlink City (EVC1S22P4 / EVC1S7P4…
CVE-2021-22721Medium5.32021-07-21A CWE-200: Information Exposure vulnerability exists in EVlink City (EVC1S22P4 / EVC1S7P4 all versions prior to R8 V3.4.0.1), EVlink Parking (EVW2 / EVF2 / EV…