CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2018-7800
https://notcve.org/view.php?id=CVE-2018-7800
A Hard-coded Credentials vulnerability exists in EVLink Parking, v3.2.0-12_v1 and earlier, which could enable an attacker to gain access to the device. Existe una vulnerabilidad de credenciales embebidas en EVLink Parking, en versiones v3.2.0-12_v1 y anteriores, lo que podría permitir que un atacante obtenga acceso al dispositivo. • http://www.securityfocus.com/bid/106807 https://ics-cert.us-cert.gov/advisories/ICSA-19-031-01 https://www.schneider-electric.com/en/download/document/SEVD-2018-354-01 • CWE-798: Use of Hard-coded Credentials •
CVSS: 8.8EPSS: 3%CPEs: 2EXPL: 1CVE-2018-7801
https://notcve.org/view.php?id=CVE-2018-7801
A Code Injection vulnerability exists in EVLink Parking, v3.2.0-12_v1 and earlier, which could enable access with maximum privileges when a remote code execution is performed. Existe una vulnerabilidad de inyección de código en EVLink Parking, en versiones v3.2.0-12_v1 y anteriores, lo que podría permitir el acceso con máximos privilegios cuando se ejecuta código de forma remota. • http://seclists.org/fulldisclosure/2021/Jul/32 http://www.securityfocus.com/bid/106807 https://ics-cert.us-cert.gov/advisories/ICSA-19-031-01 https://www.schneider-electric.com/en/download/document/SEVD-2018-354-01 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2018-7802
https://notcve.org/view.php?id=CVE-2018-7802
A SQL Injection vulnerability exists in EVLink Parking, v3.2.0-12_v1 and earlier, which could give access to the web interface with full privileges. Existe una vulnerabilidad de inyección SQL en EVLink Parking, en versiones v3.2.0-12_v1 y anteriores, lo que podría otorgar acceso a la interfaz web con privilegios totales. • http://www.securityfocus.com/bid/106807 https://ics-cert.us-cert.gov/advisories/ICSA-19-031-01 https://www.schneider-electric.com/en/download/document/SEVD-2018-354-01 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •