CVE-2021-34592
CVE-2021-34592 affects Bender/ebee Charge Controllers (e.g., CC612/CC613 series, ICC15xx/ICC16xx) with a vulnerability to command injection via the Web interface. An authenticated attacker can input shell commands in certain fields, leading to potential compromise of the device. Some connected s...
CVE-2021-34591
CVE-2021-34591 concerns the Bender/ebee Charge Controllers. Connected sources specify a local privilege escalation affecting multiple products: CC612, CC613 series, ICC15xx, ICC16xx, in versions prior to 5.11.2, 5.12.5, 5.13.2, or 5.20.2. The root cause involves vulnerable suid-enabled utilities...
CVE-2021-34591 Bender Charge Controller: Local Privilege Escalation
Bender/ebee Charge Controllers in multiple versions are prone to local privilege escalation. An authenticated attacker could get root access via the suid applications socat, ip, udhcpc and ifplugd...
CVE-2021-34590
CVE-2021-34590 affects Bender/ebee Charge Controllers. The issue is a Cross-site Scripting vulnerability where authenticated attackers can inject HTML code into configuration values, which are not properly escaped when displayed. Multiple sources confirm the vulnerability across several product l...
CVE-2021-34589
CVE-2021-34589 concerns the RFID leak in Bender/ebee Charge Controllers. Affected products include multiple versions of the Bender ebee Charge Controllers, where the RFID data from the last charge event can be read without authentication through the web interface. The available documents corrobo...
CVE-2021-34587
Summary: CVE-2021-34587 affects Bender ebee Charge Controllers (CC612, CC613, ICC15xx/ICC16xx) with versions prior to 5.11.2, 5.12.5, 5.13.2, or 5.20.2. A long URL used as input to sprintf into a stack variable can crash the webserver. CNNVD notes this could allow bypassing credential checks and ...
PT-2022-10363 · Unknown · Bender/Ebee Charge Controllers
Name of the Vulnerable Software and Affected Versions: Bender/ebee Charge Controllers (affected versions not specified). Description: The issue allows for command injection via the Web interface. An authenticated attacker could enter shell commands into some input fields. Recommendations: At the...
PT-2022-10361 · Unknown · Bender/Ebee Charge Controllers
Name of the Vulnerable Software and Affected Versions: Bender/ebee Charge Controllers (affected versions not specified). Description: The issue allows an authenticated attacker to perform Cross-site Scripting by writing HTML code into configuration values, which are not properly escaped when...
PT-2022-10360 · Unknown · Bender/Ebee Charge Controllers
Name of the Vulnerable Software and Affected Versions: Bender/ebee Charge Controllers (affected versions not specified). Description: The issue concerns an RFID leak in Bender/ebee Charge Controllers. The RFID of the last charge event can be read without authentication via the web interface...
The firmware vulnerability in programmable logic controllers such as ControlLogix 5580, GuardLogix 5580, CompactLogix 5380, CompactLogix 5480, and Compact GuardLogix 5380 lies in improper code generation. This allows attackers to implant code into the controller that the user will be unable to detect.
The firmware vulnerability in programmable logic controllers such as ControlLogix 5580, GuardLogix 5580, CompactLogix 5380, CompactLogix 5480, and Compact GuardLogix 5380 lies in improper code generation. Exploiting this vulnerability allows an intruder to implant code into the...
The firmware vulnerability in the CAPITAL VSTAR, APOGEE MBC, APOGEE MEC, APOGEE PXC, and TALON TC controllers and the Nucleus operating system relates to errors in processing ICMP packet headers. This vulnerability allows attackers to gain access to protected information or cause service interruptions.
The firmware vulnerability in the CAPITAL VSTAR, APOGEE MBC, APOGEE MEC, APOGEE PXC, and TALON TC controllers and the Nucleus operating system is related to errors in processing ICMP packet headers. Exploiting this vulnerability can allow a remote attacker to gain access to protected...
CVE-2022-20681
A vulnerability in the CLI of Cisco IOS XE Software for Cisco Catalyst 9000 Family Switches and Cisco Catalyst 9000 Family Wireless Controllers could allow an authenticated, local attacker to elevate privileges to level 15 on an affected device. This vulnerability is due to insufficient validatio...
CVE-2022-20683
A vulnerability in the Application Visibility and Control (AVC-FNF) feature of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to...
Design/Logic Flaw
A vulnerability in the Application Visibility and Control (AVC-FNF) feature of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to...
Input validation
A vulnerability in the CLI of Cisco IOS XE Software for Cisco Catalyst 9000 Family Switches and Cisco Catalyst 9000 Family Wireless Controllers could allow an authenticated, local attacker to elevate privileges to level 15 on an affected device. This vulnerability is due to insufficient validatio...
CVE-2022-20681
CVE-2022-20681 affects Cisco IOS XE on Catalyst 9000 Family Switches and Wireless Controllers. The root cause is insufficient validation of user privileges after certain CLI commands, allowing an authenticated, local low-privilege user to elevate to level 15 and execute arbitrary commands with hi...
CVE-2022-20683 Cisco IOS XE Software for Catalyst 9800 Series Wireless Controllers Application Visibility and Control Denial of Service Vulnerability
A vulnerability in the Application Visibility and Control (AVC-FNF) feature of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to...
CVE-2022-20683
CVE-2022-20683 describes a DoS vulnerability in Cisco IOS XE Software for the Catalyst 9800 Series Wireless Controllers, triggered by crafted packets processed by the AVC-FNF (Application Visibility and Control) feature. Root cause: insufficient packet verification during AVC inspection. Impact: ...