CVE-2021-34589

HIGH

Bender Charge Controllers 5.11.0-5.11.1 and 5.12.0-5.12.4 - Unauthenticated RFID Exposure via Web Interface


Description

Bender/ebee Charge Controllers in multiple versions are prone to an RFID leak. The RFID of the last charge event can be read without authentication via the web interface.

References (1)

Core References
Vendor Advisory x_refsource_confirm
https://cert.vde.com/en/advisories/VDE-2021-047

Scores

CVSS v3 7.5
EPSS 0.0092
EPSS Percentile 55.9%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

CWE
CWE-200
Status published
Products (5)
bender/cc612_firmware 5.11.0 - 5.11.2
bender/cc613_firmware 5.11.0 - 5.11.2
bender/icc15xx_firmware 5.11.0 - 5.11.2
bender/icc16xx_firmware 5.11.0 - 5.11.2
bender/icc613_firmware 5.12.0 - 5.12.5
Published Apr 27, 2022
Tracked Since Feb 18, 2026