Bender Icc15xx Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Bender Icc15xx Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (8)
CVE-2021-34601 — CVSS 9.8 (critical): In Bender/ebee Charge Controllers in multiple versions are prone to Hardcoded Credentials. Bender charge controller CC612 in version 5.20.1…
CVE-2021-34592 — CVSS 8.8 (high): In Bender/ebee Charge Controllers in multiple versions are prone to Command injection via Web interface. An authenticated attacker could…
CVE-2021-34602 — CVSS 8.8 (high): In Bender/ebee Charge Controllers in multiple versions are prone to Command injection via Web interface. An authenticated attacker could…
CVE-2021-34588 — CVSS 8.6 (high): In Bender/ebee Charge Controllers in multiple versions are prone to unprotected data export. Backup export is protected via a random key…
CVE-2021-34591 — CVSS 7.8 (high): In Bender/ebee Charge Controllers in multiple versions are prone to Local privilege Escalation. An authenticated attacker could get root…
CVE-2021-34589 — CVSS 7.5 (high): In Bender/ebee Charge Controllers in multiple versions are prone to an RFID leak. The RFID of the last charge event can be read without…
CVE-2021-34590 — CVSS 5.4 (medium): In Bender/ebee Charge Controllers in multiple versions are prone to Cross-site Scripting. An authenticated attacker could write HTML Code…
CVE-2021-34587 — CVSS 5.3 (medium): In Bender/ebee Charge Controllers in multiple versions a long URL could lead to webserver crash. The URL is used as input of an sprintf to…