Vulnerabilities > Schneider Electric > Evlink Parking Evp2Pe Firmware > High

DATE	CVE	VULNERABILITY TITLE	RISK
2022-01-28	CVE-2021-22818	Improper Restriction of Excessive Authentication Attempts vulnerability in Schneider-Electric products A CWE-307 Improper Restriction of Excessive Authentication Attempts vulnerability exists that could allow an attacker to gain unauthorized access to the charging station web interface by performing brute force attacks. network low complexity schneider-electric CWE-307	7.5
2022-01-28	CVE-2021-22821	Server-Side Request Forgery (SSRF) vulnerability in Schneider-Electric products A CWE-918 Server-Side Request Forgery (SSRF) vulnerability exists that could cause the station web server to forward requests to unintended network targets when crafted malicious parameters are submitted to the charging station web server. network low complexity schneider-electric CWE-918	8.6

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.