In Bender/ebee Charge Controllers in multiple versions are prone to Hardcoded Credentials. Bender charge controller CC612 in version 5.20.1 and below is prone to hardcoded ssh credentials. An attacker may use the password to gain administrative access to the web-UI.
References
Link | Resource |
---|---|
https://cert.vde.com/en/advisories/VDE-2021-047 | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: CERTVDE
Published: 2022-04-27T00:00:00
Updated: 2022-04-27T15:15:33
Reserved: 2021-06-10T00:00:00
Link: CVE-2021-34601
JSON object: View
NVD Information
Status : Analyzed
Published: 2022-04-27T16:15:11.207
Modified: 2022-05-11T17:46:18.357
Link: CVE-2021-34601
JSON object: View
Redhat Information
No data.