Carlosgavazzi » Eos-box Photovoltaic Monitoring System Firmware : Security Vulnerabilities, CVEs, CVSS score >= 4
Carlo Gavazzi EOS-Box with firmware before 1.0.0.1080_2.1.10 establishes multiple hardcoded accounts, which makes it easier for remote attackers to obtain administrative access by reading a password in a PHP script, a similar issue to CVE-2012-5862.
Max CVSS
10.0
EPSS Score
0.26%
Published
2012-12-23
Updated
2013-01-08
Multiple SQL injection vulnerabilities in Carlo Gavazzi EOS-Box with firmware before 1.0.0.1080_2.1.10 allow remote attackers to execute arbitrary SQL commands via unspecified vectors, a similar issue to CVE-2012-5861.
Max CVSS
7.5
EPSS Score
0.09%
Published
2012-12-23
Updated
2012-12-24
2 vulnerabilities found