Schneider-electric Evlink Parking Ev.2 Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Schneider-electric Evlink Parking Ev.2 Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (13)
CVE-2021-22707 — CVSS 9.8 (critical): A CWE-798: Use of Hard-coded Credentials vulnerability exists in EVlink City (EVC1S22P4 / EVC1S7P4 all versions prior to R8 V3.4.0.1)…
CVE-2021-22730 — CVSS 9.8 (critical): A CWE-798: Use of Hard-coded Credentials vulnerability exists in EVlink City (EVC1S22P4 / EVC1S7P4 all versions prior to R8 V3.4.0.1)…
CVE-2021-22729 — CVSS 9.8 (critical): A CWE-259: Use of Hard-coded Password vulnerability exists in EVlink City (EVC1S22P4 / EVC1S7P4 all versions prior to R8 V3.4.0.1), EVlink…
CVE-2021-22727 — CVSS 9.8 (critical): A CWE-331: Insufficient Entropy vulnerability exists in EVlink City (EVC1S22P4 / EVC1S7P4 all versions prior to R8 V3.4.0.1), EVlink…
CVE-2021-22726 — CVSS 8.1 (high): A CWE-918: Server-Side Request Forgery (SSRF) vulnerability exists in EVlink City (EVC1S22P4 / EVC1S7P4 all versions prior to R8 V3.4.0.1)…
CVE-2021-22774 — CVSS 7.5 (high): A CWE-759: Use of a One-Way Hash without a Salt vulnerability exists in EVlink City (EVC1S22P4 / EVC1S7P4 all versions prior to R8…
CVE-2021-22708 — CVSS 7.2 (high): A CWE-347: Improper Verification of Cryptographic Signature vulnerability exists in EVlink City (EVC1S22P4 / EVC1S7P4 all versions prior to…
CVE-2021-22728 — CVSS 6.5 (medium): A CWE-200: Information Exposure vulnerability exists in EVlink City (EVC1S22P4 / EVC1S7P4 all versions prior to R8 V3.4.0.1), EVlink…
CVE-2021-22773 — CVSS 6.5 (medium): A CWE-620: Unverified Password Change vulnerability exists in EVlink City (EVC1S22P4 / EVC1S7P4 all versions prior to R8 V3.4.0.1), EVlink…
CVE-2021-22706 — CVSS 6.1 (medium): A CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability exists in EVlink City…
CVE-2021-22723 — CVSS 6.1 (medium): A CWE-79: Improper Neutralization of Input During Web Page Generation (Cross-siteScripting) through Cross-Site Request Forgery (CSRF)…
CVE-2021-22722 — CVSS 5.4 (medium): A CWE-79: Improper Neutralization of Input During Web Page Generation ('Stored Cross-site Scripting') vulnerability exists in EVlink City…
CVE-2021-22721 — CVSS 5.3 (medium): A CWE-200: Information Exposure vulnerability exists in EVlink City (EVC1S22P4 / EVC1S7P4 all versions prior to R8 V3.4.0.1), EVlink…