CNNVD-202601-3933 Information

CNNVD ID

CNNVD-202601-3933

Related CVE

CVE-2025-54816

• CNNVD Published: 2026-01-22

Description (Chinese)

EVMAPA是Daniel Jurik个人开发者的一个电汽车充电站导航应用。 EVMAPA存在访问控制错误漏洞，该漏洞源于WebSocket端点未强制执行适当的身份验证机制，可能导致未经授权的访问、权限提升或系统安全受损。

Description (English)

EVMAPA is a navigational application for an electric car charging station for Daniel Jurik personal developer. EVMAPA has an access control error gap, which stems from the failure of the WebSocket endpoint to enforce an appropriate authentication mechanism, which may result in unauthorized access, enhanced privileges or system security being compromised.

Hazard Level

Low

Vulnerability Type

访问控制错误

Affected Vendor

个人开发者

Published

2026-01-22

Last Modified

2026-02-24

References

https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-022-08.json https://www.cisa.gov/news-events/ics-advisories/icsa-26-022-08 https://access.redhat.com/security/cve/cve-2025-54816

Patch

https://evmap.fr/