Information Exposure in Schneider Electric's EVlink Charging Stations
CVE-2021-22721
5.3MEDIUM
Key Information:
What is CVE-2021-22721?
A vulnerability exists in Schneider Electric's EVlink City, Parking, and Smart Wallbox series, which can lead to the exposure of limited knowledge regarding JavaScript code. This issue arises when an attacker submits malicious parameters to the charging station web server, potentially compromising sensitive operational data.
Affected Version(s)
EVlink City (EVC1S22P4 / EVC1S7P4 all prior to R8 V3.4.0.1), EVlink Parking (EVW2 / EVF2 / EV.2 all prior to R8 V3.4.0.1), and EVlink Smart Wallbox (EVB1A all prior to R8 V3.4.0.1 ) EVlink City (EVC1S22P4 / EVC1S7P4 all versions prior to R8 V3.4.0.1), EVlink Parking (EVW2 / EVF2 / EV.2 all versions prior to R8 V3.4.0.1), and EVlink Smart Wallbox (EVB1A all versions prior to R8 V3.4.0.1 )