CVE-2024-40116

Published: Jul 26, 2024

Modified: Mar 26, 2025

PUBLISHED

Description

An issue in Solar-Log 1000 before v2.8.2 and build 52-23.04.2013 was discovered to store plaintext passwords in the export.html, email.html, and sms.html files -- fixed with 3.0.0-60 11.10.2013 for SL 200, 500, 1000 / not existing for SL 250, 300, 1200, 2000, SL 50 Gateway, SL Base.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://www.solar-log.com/en/support/firmware-database-1

https://github.com/nepenthe0320/cve_poc/blob/master/Solar-Log%201000%20-%20Unprotected%20Storage%20of%20Credentials

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2024-40116

Description

Affected Products

References