Hardcoded SSH Credentials in Bender/ebee Charge Controllers

Hardcoded SSH Credentials in Bender/ebee Charge Controllers

CVE-2021-34601 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

In Bender/ebee Charge Controllers in multiple versions are prone to Hardcoded Credentials. Bender charge controller CC612 in version 5.20.1 and below is prone to hardcoded ssh credentials. An attacker may use the password to gain administrative access to the web-UI.

Learn more about our Web App Pen Testing.