← Back

CVE-2012-5862

nvd nist
Published: Nov 23, 2012Modified: Apr 29, 2026

JSON object

Loading...
10.0
Vector
AV:N/AC:L/Au:N/C:C/I:C/A:C
Exploitability: 10.0 / Impact: 10.0
Source: NVD

Description

These Sinapsi devices store hard-coded passwords in the PHP file of the device. By using the hard-coded passwords in the device, attackers can log into the device with administrative privileges. This could allow the attacker to have unauthorized access.

Affected (4)

Sinapsitech
4 products
Sinapsi Firmware
Esolar Duo Photovoltaic System Monitor
Esolar Light Photovoltaic System Monitor
Esolar Photovoltaic System Monitor
Configuration A
4 vulnerable
Vulnerable SoftwareAffected Versions
Sinapsi Firmware
Up to 2.0.2870
Esolar Duo Photovoltaic System Monitor
All versions
Esolar Light Photovoltaic System Monitor
All versions
Esolar Photovoltaic System Monitor
All versions

Related CWEs

CWE-259
Use of Hard-coded Password
The product contains a hard-coded password, which it uses for its own inbound authentication or for outbound communication to external components.
CWE-310
CWE-310

References (10)

Source: ics-cert@hq.dhs.gov
Exploit
Source: ics-cert@hq.dhs.gov
Exploit
Source: ics-cert@hq.dhs.gov
Source: ics-cert@hq.dhs.gov
Source: ics-cert@hq.dhs.gov
Source: af854a3a-2127-422b-91ae-364da2661108
Exploit
Source: af854a3a-2127-422b-91ae-364da2661108
Exploit
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
US Government Resource
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.