CVE-2012-5864

These Sinapsi devices 
do not check if users that visit pages within the device have properly 
authenticated. By directly visiting the pages within the device, 
attackers can gain unauthorized access with administrative privileges.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
9.4 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:C/I:C/A:N
icscertCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 94%
VendorProductVersion
sinapsitechsinapsi_firmware
𝑥
≤ 2.0.2870
sinapsitechesolar_duo_photovoltaic_system_monitor
-
sinapsitechesolar_light_photovoltaic_system_monitor
-
sinapsitechesolar_photovoltaic_system_monitor
-
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://archives.neohapsis.com/archives/bugtraq/2012-09/0045.html
http://www.exploit-db.com/exploits/21273/
http://www.sinapsitech.it/default.asp?active_page_id=78&news_id=88
https://exchange.xforce.ibmcloud.com/vulnerabilities/80200
https://www.cisa.gov/news-events/ics-advisories/icsa-12-325-01
http://archives.neohapsis.com/archives/bugtraq/2012-09/0045.html
http://www.exploit-db.com/exploits/21273/
http://www.sinapsitech.it/default.asp?active_page_id=78&news_id=88
http://www.us-cert.gov/control_systems/pdf/ICSA-12-325-01.pdf
https://exchange.xforce.ibmcloud.com/vulnerabilities/80203