CVE-2021-34601

Bender Charge Controller: Hardcoded Credentials in Charge Controller

CVSS 9.8 CRITICALEPSS 1.0%CWE-259

In Bender/ebee Charge Controllers in multiple versions are prone to Hardcoded Credentials. Bender charge controller CC612 in version 5.20.1 and below is prone to hardcoded ssh credentials. An attacker may use the password to gain administrative access to the web-UI.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Produtos afetados

Bender / ebee · CC612 Bender / ebee · CC613 Bender / ebee · ICC15xx Bender / ebee · ICC16xx

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://cert.vde.com/en/advisories/VDE-2021-047