HIGH🇬🇧 English

CVE-2012-6428

CVSS 10.0v2.0pub. 2012-12-23upd. 2026-04-29

The Carlo Gavazzi EOS-Box stores hard-coded passwords in the PHP file of the device. By using the hard-coded passwords, attackers can log into the device with administrative privileges. This could allow the attacker to have unauthorized access.

oryginał EN
CVSS Vector
AV:N/AC:L/Au:N/C:C/I:C/A:C
  • Carlosgavazzi Eos Box Photovoltaic Monitoring System

    HW
    Carlosgavazzi
    wszystkie wersje
  • Carlosgavazzi Eos Box Photovoltaic Monitoring System Firmware

    OS
    Carlosgavazzi
    ≤ 1.0.0
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2012-6427HIGH7.8ten sam produkt

The Carlo Gavazzi EOS-Box does not check the validity of the data before executing queries. By accessing the...

CVE-2017-5144CRITICAL9.8ten sam vendor

An issue was discovered in Carlo Gavazzi VMU-C EM prior to firmware Version A11_U05, and VMU-C PV prior to fir...

CVE-2017-5145CRITICAL10.0ten sam vendor

An issue was discovered in Carlo Gavazzi VMU-C EM prior to firmware Version A11_U05, and VMU-C PV prior to fir...

CVE-2017-5146HIGH7.5ten sam vendor

An issue was discovered in Carlo Gavazzi VMU-C EM prior to firmware Version A11_U05, and VMU-C PV prior to fir...