RCE in Evbee Dc-80

CVE-2026-22100

The OCPP DataTransfer message `ReserveLogin` is vulnerable to command injection. By manipulating the data value, arbitrary OS commands can be executed as root.

Vulnerability class: Command Injection (OS Command Injection)

Affected products

Weakness classification (CWE)

References