CVE-2012-5862

These Sinapsi devices
store hard-coded passwords in the PHP file of the device. By using the 
hard-coded passwords in the device, attackers can log into the device 
with administrative privileges. This could allow the attacker to have 
unauthorized access.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
10 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:C/I:C/A:C
icscertCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 95%
VendorProductVersion
sinapsitechsinapsi_firmware
𝑥
≤ 2.0.2870
sinapsitechesolar_duo_photovoltaic_system_monitor
-
sinapsitechesolar_light_photovoltaic_system_monitor
-
sinapsitechesolar_photovoltaic_system_monitor
-
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://archives.neohapsis.com/archives/bugtraq/2012-09/0045.html
http://www.exploit-db.com/exploits/21273/
http://www.sinapsitech.it/default.asp?active_page_id=78&news_id=88
https://exchange.xforce.ibmcloud.com/vulnerabilities/80200
https://www.cisa.gov/news-events/ics-advisories/icsa-12-325-01
http://archives.neohapsis.com/archives/bugtraq/2012-09/0045.html
http://www.exploit-db.com/exploits/21273/
http://www.sinapsitech.it/default.asp?active_page_id=78&news_id=88
http://www.us-cert.gov/control_systems/pdf/ICSA-12-325-01.pdf
https://exchange.xforce.ibmcloud.com/vulnerabilities/80200