Bender Cc612_firmware

8 CVEs affecting Bender Cc612_firmware. Latest disclosed: 2022-04-27. Critical: 1, High: 5.

Top CVEs affecting Bender Cc612_firmware
CVESeverityScorePublishedSummary
CVE-2021-34601Critical9.82022-04-27In Bender/ebee Charge Controllers in multiple versions are prone to Hardcoded Credentials. Bender charge controller CC612 in version 5.20.1 and below is prone…
CVE-2021-34602High8.82022-04-27In Bender/ebee Charge Controllers in multiple versions are prone to Command injection via Web interface. An authenticated attacker could enter shell commands i…
CVE-2021-34592High8.82022-04-27In Bender/ebee Charge Controllers in multiple versions are prone to Command injection via Web interface. An authenticated attacker could enter shell commands i…
CVE-2021-34588High8.62022-04-27In Bender/ebee Charge Controllers in multiple versions are prone to unprotected data export. Backup export is protected via a random key. The key is set at use…
CVE-2021-34591High7.82022-04-27In Bender/ebee Charge Controllers in multiple versions are prone to Local privilege Escalation. An authenticated attacker could get root access via the suid ap…
CVE-2021-34589High7.52022-04-27In Bender/ebee Charge Controllers in multiple versions are prone to an RFID leak. The RFID of the last charge event can be read without authentication via the…
CVE-2021-34590Medium5.42022-04-27In Bender/ebee Charge Controllers in multiple versions are prone to Cross-site Scripting. An authenticated attacker could write HTML Code into configuration va…
CVE-2021-34587Medium5.32022-04-27In Bender/ebee Charge Controllers in multiple versions a long URL could lead to webserver crash. The URL is used as input of an sprintf to a stack variable.