Path Traversal Vulnerability in Schneider Electric's Charging Station
CVE-2025-5741

6.9MEDIUM

Key Information:

Vendor: Schneider Electric
Status: Evlink Wallbox
Vendor: CVE Published:; 10 June 2025

🔔 Create Schneider Electric Vulnerability Alert

What is CVE-2025-5741?

A path traversal vulnerability exists in Schneider Electric's charging station that may allow a malicious actor to access arbitrary files on the web server. This exploitation requires an authenticated session, suggesting that only users with valid access permissions may trigger the flaw. By leveraging this vulnerability, attackers could potentially read sensitive files, posing risks to data confidentiality and integrity.

Affected Version(s)

EVLink WallBox All Versions

References

https://download.schneider-electric.com/files?p_Doc_Ref=S...

CVSS V4

Score:

6.9

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 10, 2025
Vulnerability Reserved
Jun 5, 2025