CVE-2018-7801

CWE-94Code Injection3 documents3 sources
Severity
8.8HIGH
EPSS
7.0%
top 8.50%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Schneider-electric Evlink Parking FirmwareSchneider Electric SE Evlink Parking V3.2.0-12 V1 AND Earlier
Timeline
PublishedDec 24
Latest updateMay 13

Description

A Code Injection vulnerability exists in EVLink Parking, v3.2.0-12_v1 and earlier, which could enable access with maximum privileges when a remote code execution is performed.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages2 packages

CVEListV5schneider_electric_se/evlink_parking_v3.2.0-12_v1_and_earlierEVLink Parking v3.2.0-12_v1 and earlier

Patches

Patch: www.schneider-electric.comPatch: www.schneider-electric.com

🔴Vulnerability Details

2
GHSA
GHSA-xcm9-pjj3-347q: A Code Injection vulnerability exists in EVLink Parking, v32022-05-13
CVEList
CVE-2018-7801: A Code Injection vulnerability exists in EVLink Parking, v32018-12-24
CVE-2018-7801 (HIGH CVSS 8.8) | A Code Injection vulnerability exis | cvebase.io