cve/CVE-2022-22808.md at c052d0d6949679697108fa931a00cd4220694869

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-05-31 10:40:54 +00:00

marc 555e9c7de4 Update Sat May 25 21:48:12 CEST 2024

2024-05-25 21:48:12 +02:00

Description

A CWE-352: Cross-Site Request Forgery (CSRF) exists that could cause a remote attacker to gain unauthorized access to the product when conducting cross-domain attacks based on same-origin policy or cross-site request forgery protections bypass. Affected Product: EcoStruxure EV Charging Expert (formerly known as EVlink Load Management System): (HMIBSCEA53D1EDB, HMIBSCEA53D1EDS, HMIBSCEA53D1EDM, HMIBSCEA53D1EDL, HMIBSCEA53D1ESS, HMIBSCEA53D1ESM, HMIBSCEA53D1EML) (All Versions prior to SP8 (Version 01) V4.0.0.13)

POC

Reference

No PoCs from references.

Github

https://github.com/1-tong/vehicle_cves
https://github.com/Vu1nT0tal/Vehicle-Security
https://github.com/VulnTotal-Team/Vehicle-Security
https://github.com/VulnTotal-Team/vehicle_cves

1.4 KiB Raw Blame History

CVE-2022-22808

Description

POC

Reference

Github

1.4 KiB

Raw Blame History