In Bender/ebee Charge Controllers in multiple versions are prone to Hardcoded Credentials. Bender charge controller CC612 in version 5.20.1 and below is prone to hardcoded ssh credentials. An attacker may use the password to gain administrative access to the web-UI.
References
Link | Resource |
---|---|
https://cert.vde.com/en/advisories/VDE-2021-047 | Vendor Advisory |
https://cert.vde.com/en/advisories/VDE-2021-047 | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
History
21 Nov 2024, 06:10
Type | Values Removed | Values Added |
---|---|---|
References | () https://cert.vde.com/en/advisories/VDE-2021-047 - Vendor Advisory |
11 May 2022, 17:46
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : 7.5
v3 : 9.8 |
CWE | CWE-798 | |
CPE | cpe:2.3:h:bender:cc613:-:*:*:*:*:*:*:* cpe:2.3:h:bender:cc612:-:*:*:*:*:*:*:* cpe:2.3:o:bender:icc15xx_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:bender:cc612_firmware:*:*:*:*:*:*:*:* |
|
References | (CONFIRM) https://cert.vde.com/en/advisories/VDE-2021-047 - Vendor Advisory |
27 Apr 2022, 16:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-04-27 16:15
Updated : 2024-11-21 06:10
NVD link : CVE-2021-34601
Mitre link : CVE-2021-34601
CVE.ORG link : CVE-2021-34601
JSON object : View
Products Affected
bender
- cc612_firmware
- cc612
- cc613
- icc15xx_firmware