Evbee Dc-80

8 CVEs affecting Evbee Dc-80. Latest disclosed: 2026-07-13. Critical: 0, High: 0.

Top CVEs affecting Evbee Dc-80
CVESeverityScorePublishedSummary
CVE-2026-221032026-07-13The NPC start endpoint on the web server at port 8090 is vulnerable to command injection.
CVE-2026-221022026-07-13A POST request sent to a specific webserver endpoint can be used to write to arbitrary file locations. The endpoint accepts the filename parameter in the Conte…
CVE-2026-221002026-07-13The OCPP DataTransfer message `ReserveLogin` is vulnerable to command injection. By manipulating the data value, arbitrary OS commands can be executed as root.
CVE-2026-220992026-07-13The charging station does not require authentication for Bluetooth commands to perform actions. The functionality exposed includes sensitive information leakag…
CVE-2026-220982026-07-13Various sensitive information such as passwords and charging card UIDs are written to log files.
CVE-2026-220972026-07-13The firmware update mechanism does not include cryptographic signature validation. This allows anyone with access to the firmware update capability to upload a…
CVE-2026-220962026-07-13The webserver running on port 8090 does not require authentication. This allows for sensitive information leakage such as configured passwords, or uploading fi…
CVE-2026-220952026-07-13The network diagnosis endpoint on the web server at port 8090 is vulnerable to command injection.