Vulnerabilities > CVE-2021-34590 - Unspecified vulnerability in Bender Cc612 Firmware and Icc15Xx Firmware

047910
CVSS 5.4 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
LOW
Confidentiality impact
LOW
Integrity impact
LOW
Availability impact
NONE
network
low complexity
bender

Summary

In Bender/ebee Charge Controllers in multiple versions are prone to Cross-site Scripting. An authenticated attacker could write HTML Code into configuration values. These values are not properly escaped when displayed.

Vulnerable Configurations

Part Description Count
OS
Bender
3
Hardware
Bender
2