Vulnerabilities > Schneider Electric > Evf2 Firmware

DATE CVE VULNERABILITY TITLE RISK
2022-01-28 CVE-2021-22724 Cross-Site Request Forgery (CSRF) vulnerability in Schneider-Electric products
A CVE-352 Cross-Site Request Forgery (CSRF) vulnerability exists that could allow an attacker to impersonate the user or carry out actions on their behalf when crafted malicious parameters are submitted in POST requests sent to the charging station web server.
network
low complexity
schneider-electric CWE-352
8.8
8.8
2022-01-28 CVE-2021-22725 Cross-Site Request Forgery (CSRF) vulnerability in Schneider-Electric products
A CVE-352 Cross-Site Request Forgery (CSRF) vulnerability exists that could allow an attacker to impersonate the user or carry out actions on their behalf when crafted malicious parameters are submitted in POST requests sent to the charging station web server.
network
low complexity
schneider-electric CWE-352
8.8
8.8