CVE-2025-5741

MEDIUM

Charging Station < - Path Traversal

Title source: llm

Description

CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists that could cause arbitrary file reads from the charging station. The exploitation of this vulnerability does require an authenticated session of the web server.

References (1)

Core 1

Core References

Various Sources

https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2025-161-03&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2025-161-03.pdf

Scores

CVSS v3 4.9

EPSS 0.0053

EPSS Percentile 40.8%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-22

Status published

Products (1)

Schneider Electric/EVLink WallBox All Versions

Published Jun 10, 2025

Tracked Since Feb 18, 2026