QwikSec

Security Database

CVE

CWE

Training

CVE-2012-5862

Published: Nov 23, 2012

Modified: Jul 8, 2025

PUBLISHED

Description

These Sinapsi devices store hard-coded passwords in the PHP file of the device. By using the hard-coded passwords in the device, attackers can log into the device with administrative privileges. This could allow the attacker to have unauthorized access.

Vendor	Product	Versions
Sinapsi	eSolar	affected `0 - < 2.0.2870_xxx_2.2.12`
Sinapsi	eSolar DUO	affected `0 - < 2.0.2870_xxx_2.2.12`
Sinapsi	eSolar Light	affected `0 - < 2.0.2870_xxx_2.2.12`

Weaknesses (CWE)

References

exploit

x_refsource_EXPLOIT-DB

20120911 Multiple vulnerabilities in Ezylog photovoltaic management server

mailing-list

x_refsource_BUGTRAQ

sinapsi-default-password(80200)

vdb-entry

x_refsource_XF

https://www.cisa.gov/news-events/ics-advisories/icsa-12-325-01

http://www.sinapsitech.it/default.asp?active_page_id=78&news_id=88

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.