CVE-2012-5862: Sinapsi eSolar Hard-Coded Password

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2012-5862

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

Sinapsi eSolar Hard-Coded Password

Source: NVD (National Vulnerability Database)

Vulnerability Description

These Sinapsi devices store hard-coded passwords in the PHP file of the device. By using the hard-coded passwords in the device, attackers can log into the device with administrative privileges. This could allow the attacker to have unauthorized access.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

使用硬编码的口令

Source: NVD (National Vulnerability Database)

Vulnerability Title

Sinapsi eSolar 加密问题漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Sinapsi eSolar Light是意大利Sinapsi公司的一套在太阳能应用程序内使用的监控系统。基于Sinapsi eSolar Light Photovoltaic System Monitor (又名Schneider Electric Ezylog photovoltaic SCADA 管理服务器)，Sinapsi eSolar，Sinapsi eSolar DUO 固件2.0.2870_2.2.12之前版本中的login.php脚本中存在漏洞，该漏洞源于建立了多个硬编码账户。远程攻击者

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE
Sinapsi	eSolar	0 ~ 2.0.2870_xxx_2.2.12	-
Sinapsi	eSolar DUO	0 ~ 2.0.2870_xxx_2.2.12	-
Sinapsi	eSolar Light	0 ~ 2.0.2870_xxx_2.2.12	-

II. Public POCs for CVE-2012-5862

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2012-5862

Please Login to view more intelligence information

🔗 http://www.sinapsitech.it/default.asp?active_page_id=78&news_id=88x_refsource_CONFIRM
🔗 http://www.us-cert.gov/control_systems/pdf/ICSA-12-325-01.pdfx_refsource_MISC
🔗 http://www.exploit-db.com/exploits/21273/exploitx_refsource_EXPLOIT-DB
🔗 http://archives.neohapsis.com/archives/bugtraq/2012-09/0045.htmlmailing-listx_refsource_BUGTRAQ
https://nvd.nist.gov/vuln/detail/CVE-2012-5862

IV. Related Vulnerabilities

Same product: eSolar

Same vendor: Sinapsi

Same weakness: CWE-259

V. Comments for CVE-2012-5862

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

I. Basic Information for CVE-2012-5862

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2012-5862

III. Intelligence Information for CVE-2012-5862

IV. Related Vulnerabilities

V. Comments for CVE-2012-5862

Leave a comment