CVE-2025-22367 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

The authenticated time setting capability of the firmware for Mennekes Smart / Premium Chargingpoints can be abused for command execution because OS command are…
High CVSS: 8.7

CVE-2025-22367

The authenticated time setting capability of the firmware for Mennekes Smart / Premium Chargingpoints can be abused for command execution because OS command are improperly neutralized when certain fields are passed to the underlying OS.
Vendor
-
Product
-
CWE
CWE-78
Yayın Tarihi
2025-03-11 14:15:24
Güncelleme
2025-03-11 14:15:24
Source Identifier
csirt@divd.nl
KEV Date Added
-

Kategoriler

CWE-78 HIGH 2025

Referanslar

https://csirt.divd.nl/CVE-2025-22367 https://csirt.divd.nl/DIVD-2025-00003 https://www.mennekes.nl/fileadmin/MEN-Deutschland/emobility/04_software/06_smart_premium/Release_Notes_for_2.15_06.03.2025.pdf