Path Traversal Vulnerability in Schneider Electric's Charging Station
CVE-2025-5741
6.9MEDIUM
What is CVE-2025-5741?
A path traversal vulnerability exists in Schneider Electric's charging station that may allow a malicious actor to access arbitrary files on the web server. This exploitation requires an authenticated session, suggesting that only users with valid access permissions may trigger the flaw. By leveraging this vulnerability, attackers could potentially read sensitive files, posing risks to data confidentiality and integrity.
Affected Version(s)
EVLink WallBox All Versions
References
CVSS V4
Score:
6.9
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None
Timeline
Vulnerability published
Vulnerability Reserved