CVE-2012-6428

EUVD-2012-6283
The Carlo Gavazzi 
EOS-Box

stores hard-coded passwords in the PHP file of 
the device. By using the hard-coded passwords, attackers can log into 
the device with administrative privileges. This could allow the attacker
 to have unauthorized access.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
10 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:C/I:C/A:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 47%
Affected Products (NVD)
VendorProductVersion
carlosgavazzieos-box_photovoltaic_monitoring_system_firmware
𝑥
≤ 1.0.0
carlosgavazzieos-box_photovoltaic_monitoring_system
-
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://www.cisa.gov/news-events/ics-advisories/icsa-12-354-02
http://www.us-cert.gov/control_systems/pdf/ICSA-12-354-02.pdf