Skip to main content

CVE-2025-22370

SQL Injection (CWE-89)
2025-03-11 csirt@divd.nl

Lifecycle Timeline

2
Analysis Generated
Mar 12, 2026 - 19:52 vuln.today
CVE Published
Mar 11, 2025 - 14:15 nvd
N/A

DescriptionCVE.org

Many fields for the web configuration interface of the firmware for Mennekes Smart / Premium Chargingpoints can be abused to execute arbitrary SQL commands because the values are insufficiently neutralized.

Analysis

Many fields for the web configuration interface of the firmware for Mennekes Smart / Premium Chargingpoints can be abused to execute arbitrary SQL commands because the values are insufficiently neutralized.

Technical ContextAI

Classified as CWE-89 (SQL Injection). Many fields for the web configuration interface of the firmware for Mennekes Smart / Premium Chargingpoints can be abused to execute arbitrary SQL commands because the values are insufficiently neutralized.

Affected ProductsAI

Many fields for the web configuration interface of the firmware for Mennekes Smart / Premium Chargingpoints can be abused to execute arbitrary SQL com

RemediationAI

Monitor vendor advisories for a patch. Use parameterized queries. Implement input validation.

Share

CVE-2025-22370 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy