← Retour aux CVEs
CVE-2021-34601
CRITICAL9.8
Description
In Bender/ebee Charge Controllers in multiple versions are prone to Hardcoded Credentials. Bender charge controller CC612 in version 5.20.1 and below is prone to hardcoded ssh credentials. An attacker may use the password to gain administrative access to the web-UI.
Details CVE
Score CVSS v3.19.8
SeveriteCRITICAL
Vecteur CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vecteur d'attaqueNETWORK
ComplexiteLOW
Privileges requisNONE
Interaction utilisateurNONE
Publie4/27/2022
Derniere modification11/21/2024
Sourcenvd
Observations honeypot0
Produits affectes
bender:cc612bender:cc612_firmwarebender:cc613bender:icc15xx_firmware
Faiblesses (CWE)
CWE-259CWE-798
References
https://cert.vde.com/en/advisories/VDE-2021-047(info@cert.vde.com)
https://cert.vde.com/en/advisories/VDE-2021-047(af854a3a-2127-422b-91ae-364da2661108)
Correlations IOC
Aucune correlation enregistree
This product uses data from the NVD API but is not endorsed or certified by the NVD.