8 matches found
CVE-2021-34592
CVE-2021-34592 affects Bender/ebee Charge Controllers (e.g., CC612/CC613 series, ICC15xx/ICC16xx) with a vulnerability to command injection via the Web interface . An authenticated attacker can input shell commands in certain fields, leading to potential compromise of the device. Some connected s...
CVE-2021-34602
The CVE-2021-34602 entry maps to Bender ebee Charge Controllers (CC612, CC613 series, ICC15xx, ICC16xx) with affected versions before 5.11.2, 5.12.5, 5.13.2, or 5.20.2. The vulnerability is an operating system command injection via the web interface, enabling an authenticated attacker to input sh...
CVE-2021-34589
CVE-2021-34589 concerns the RFID leak in Bender/ebee Charge Controllers . Affected products include multiple versions of the Bender ebee Charge Controllers, where the RFID data from the last charge event can be read without authentication through the web interface. The available documents corrobo...
CVE-2021-34590
CVE-2021-34590 affects Bender/ebee Charge Controllers. The issue is a Cross-site Scripting vulnerability where authenticated attackers can inject HTML code into configuration values, which are not properly escaped when displayed. Multiple sources confirm the vulnerability across several product l...
CVE-2021-34591
CVE-2021-34591 concerns the Bender/ebe e Charge Controllers. Connected sources specify a local privilege escalation affecting multiple products: CC612, CC613 series, ICC15xx, ICC16xx, in versions prior to 5.11.2, 5.12.5, 5.13.2, or 5.20.2. The root cause involves vulnerable suid-enabled utilities...
CVE-2021-34601
CVE-2021-34601 affects Bender ebee Charge Controllers (notably CC612) with hardcoded SSH credentials in version 5.20.1 and earlier, enabling an attacker to gain administrative access to the web UI. Connected sources confirm affected products/versions; no exploitation status or patch details are p...
CVE-2021-34587
Summary: CVE-2021-34587 affects Bender ebee Charge Controllers (CC612, CC613, ICC15xx/ICC16xx) with versions prior to 5.11.2, 5.12.5, 5.13.2, or 5.20.2. A long URL used as input to sprintf into a stack variable can crash the webserver. CNNVD notes this could allow bypassing credential checks and ...
CVE-2021-34588
The CVE-2021-34588 issue affects Bender ebee Charge Controllers (CC612/CC613 series, ICC15xx/ICC16xx). It arises from an unprotected data export where the backup export is protected by a random key that is set at user login and becomes empty after reboot, enabling credential checks bypass and pri...