In Bender/ebee Charge Controllers in multiple versions are prone to Command injection via Web interface. An authenticated attacker could enter shell commands into some input fields that are executed with root privileges.
References
Link | Resource |
---|---|
https://cert.vde.com/en/advisories/VDE-2021-047 | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: CERTVDE
Published: 2022-04-27T00:00:00
Updated: 2022-04-27T15:15:34
Reserved: 2021-06-10T00:00:00
Link: CVE-2021-34602
JSON object: View
NVD Information
Status : Analyzed
Published: 2022-04-27T16:15:11.267
Modified: 2022-05-11T17:46:44.410
Link: CVE-2021-34602
JSON object: View
Redhat Information
No data.
CWE