Primary

Context

Bender Charge Controller Cleartext Transmission Vulnerability

Vulnerability

A vulnerability exists in Bender Charge Controller products due to an insecure default configuration that allows HTTP to be used instead of HTTPS for the web interface. This flaw enables an unauthenticated attacker on the same network to intercept sensitive data during transmission. The issue affects all versions of the CC612, CC613, ICC13xx, ICC15xx, and ICC16xx product families.

Impact

The vulnerability allows for cleartext transmission of sensitive information, which could be intercepted by an attacker on the same network.

Remediation

To address this vulnerability, users should enable HTTPS in the web interface settings.

Added: Sep 8, 2025, 7:16 AM

Updated: Sep 8, 2025, 7:16 AM

Vulnerability Rating

Custom Algorithm

spread

2.4

impact

2.5

exploitability

4.3

remediation

0.0

relevance

0.5

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

2.4

impact

2.5

exploitability

4.3

remediation

0.0

relevance

0.5

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Bender Charge Controller Cleartext Transmission Vulnerability

Vulnerability

Impact

Remediation

Affected Products

Bender CC612

Bender CC613

Bender ICC15xx

Bender ICC16xx

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating