30 matches found
EUVD-2021-21242
Malware in sbrugna...
EUVD-2021-21241
Malware in sbrugna...
CVE-2021-34602
In Bender/ebee Charge Controllers in multiple versions are prone to Command injection via Web interface. An authenticated attacker could enter shell commands into some input fields that are executed with root privileges...
CVE-2021-34591
In Bender/ebee Charge Controllers in multiple versions are prone to Local privilege Escalation. An authenticated attacker could get root access via the suid applications socat, ip udhcpc and ifplugd...
CVE-2021-34592
In Bender/ebee Charge Controllers in multiple versions are prone to Command injection via Web interface. An authenticated attacker could enter shell commands into some input fields...
CVE-2021-34587
In Bender/ebee Charge Controllers in multiple versions a long URL could lead to webserver crash. The URL is used as input of an sprintf to a stack variable...
CVE-2021-34588
In Bender/ebee Charge Controllers in multiple versions are prone to unprotected data export. Backup export is protected via a random key. The key is set at user login. It is empty after reboot...
CVE-2021-34589
In Bender/ebee Charge Controllers in multiple versions are prone to an RFID leak. The RFID of the last charge event can be read without authentication via the web interface...
Command injection
In Bender/ebee Charge Controllers in multiple versions are prone to Command injection via Web interface. An authenticated attacker could enter shell commands into some input fields that are executed with root privileges...
Command injection
In Bender/ebee Charge Controllers in multiple versions are prone to Command injection via Web interface. An authenticated attacker could enter shell commands into some input fields...
Stack overflow
In Bender/ebee Charge Controllers in multiple versions a long URL could lead to webserver crash. The URL is used as input of an sprintf to a stack variable...
Privilege escalation
In Bender/ebee Charge Controllers in multiple versions are prone to Local privilege Escalation. An authenticated attacker could get root access via the suid applications socat, ip udhcpc and ifplugd...
CVE-2021-34602
The CVE-2021-34602 entry maps to Bender ebee Charge Controllers (CC612, CC613 series, ICC15xx, ICC16xx) with affected versions before 5.11.2, 5.12.5, 5.13.2, or 5.20.2. The vulnerability is an operating system command injection via the web interface, enabling an authenticated attacker to input sh...
CVE-2021-34592
CVE-2021-34592 affects Bender/ebee Charge Controllers (e.g., CC612/CC613 series, ICC15xx/ICC16xx) with a vulnerability to command injection via the Web interface. An authenticated attacker can input shell commands in certain fields, leading to potential compromise of the device. Some connected s...
CVE-2021-34591
CVE-2021-34591 concerns the Bender/ebee Charge Controllers. Connected sources specify a local privilege escalation affecting multiple products: CC612, CC613 series, ICC15xx, ICC16xx, in versions prior to 5.11.2, 5.12.5, 5.13.2, or 5.20.2. The root cause involves vulnerable suid-enabled utilities...
CVE-2021-34590
CVE-2021-34590 affects Bender/ebee Charge Controllers. The issue is a Cross-site Scripting vulnerability where authenticated attackers can inject HTML code into configuration values, which are not properly escaped when displayed. Multiple sources confirm the vulnerability across several product l...