漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
N/A
Vulnerability Description
A CVE-352 Cross-Site Request Forgery (CSRF) vulnerability exists that could allow an attacker to impersonate the user or carry out actions on their behalf when crafted malicious parameters are submitted in POST requests sent to the charging station web server. Affected Products: EVlink City EVC1S22P4 / EVC1S7P4 (All versions prior to R8 V3.4.0.2 ), EVlink Parking EVW2 / EVF2 / EVP2PE (All versions prior to R8 V3.4.0.2), and EVlink Smart Wallbox EVB1A (All versions prior to R8 V3.4.0.2)
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
多款Schneider Electric产品跨站请求伪造漏洞
Vulnerability Description
Schneider Electric EVlink City等都是法国施耐德电气(Schneider Electric)公司的电动汽车充电站的一款充电解决方案。 多款Schneider Electric产品存在跨站请求伪造漏洞,当向充电站web服务器发送POST请求时,恶意参数被提交,攻击者可利用该漏洞冒充用户或代表用户执行操作。以下产品及版本受到影响:EVlink City EVC1S22P4/EVC1S7P4 (R8 V3.4.0.2之前所有版本)、EVlink Parking EVW2/EVF2/E
CVSS Information
N/A
Vulnerability Type
N/A