Vulnerabilities > Bender

DATE CVE VULNERABILITY TITLE RISK
2022-04-27 CVE-2021-34587 Out-of-bounds Write vulnerability in multiple products
In Bender/ebee Charge Controllers in multiple versions a long URL could lead to webserver crash.
network
low complexity
ibm bender CWE-787
5.0
2022-04-27 CVE-2021-34588 Forced Browsing vulnerability in Bender Cc612 Firmware and Icc15Xx Firmware
In Bender/ebee Charge Controllers in multiple versions are prone to unprotected data export.
network
low complexity
bender CWE-425
5.0
2022-04-27 CVE-2021-34589 Information Exposure vulnerability in Bender products
In Bender/ebee Charge Controllers in multiple versions are prone to an RFID leak.
network
low complexity
bender CWE-200
7.5
2022-04-27 CVE-2021-34590 Cross-site Scripting vulnerability in Bender Cc612 Firmware and Icc15Xx Firmware
In Bender/ebee Charge Controllers in multiple versions are prone to Cross-site Scripting.
network
bender CWE-79
3.5
2022-04-27 CVE-2021-34591 Execution with Unnecessary Privileges vulnerability in Bender Cc612 Firmware and Icc15Xx Firmware
In Bender/ebee Charge Controllers in multiple versions are prone to Local privilege Escalation.
local
low complexity
bender CWE-250
7.2
2022-04-27 CVE-2021-34592 Command Injection vulnerability in Bender Cc612 Firmware and Icc15Xx Firmware
In Bender/ebee Charge Controllers in multiple versions are prone to Command injection via Web interface.
network
low complexity
bender CWE-77
6.5
2022-04-27 CVE-2021-34601 Use of Hard-coded Credentials vulnerability in Bender Cc612 Firmware and Icc15Xx Firmware
In Bender/ebee Charge Controllers in multiple versions are prone to Hardcoded Credentials.
network
low complexity
bender CWE-798
7.5
2022-04-27 CVE-2021-34602 OS Command Injection vulnerability in Bender Cc612 Firmware and Icc15Xx Firmware
In Bender/ebee Charge Controllers in multiple versions are prone to Command injection via Web interface.
network
low complexity
bender CWE-78
6.5
2020-10-16 CVE-2019-19885 Missing Authorization vulnerability in Bender products
In Bender COMTRAXX, user authorization is validated for most, but not all, routes in the system.
network
low complexity
bender CWE-862
6.4