cbcvebase.

Sinapsi Esolar vulnerabilities

4 known vulnerabilities affecting sinapsi/esolar.

Total CVEs
4
CISA KEV
0
Public exploits
4
Exploited in wild
0
Severity breakdown
CRITICAL3HIGH1

Vulnerabilities

Page 1 of 1
CVE-2012-5863P2CRITICALCVSS 10.0PoCfixed in 2.0.2870_xxx_2.2.122012-11-23
CVE-2012-5863 [CRITICAL] CWE-78 CVE-2012-5863: These Sinapsi devices do not check for special elements in commands sent to the system. By accessin These Sinapsi devices do not check for special elements in commands sent to the system. By accessing certain pages with administrative privileges that do not require authentication within the device, attackers can execute arbitrary, unexpected, or dangerous commands directly onto the operating system.
nvd
CVE-2012-5862P2CRITICALCVSS 10.0PoCfixed in 2.0.2870_xxx_2.2.122012-11-23
CVE-2012-5862 [CRITICAL] CWE-259 CVE-2012-5862: These Sinapsi devices store hard-coded passwords in the PHP file of the device. By using the hard-c These Sinapsi devices store hard-coded passwords in the PHP file of the device. By using the hard-coded passwords in the device, attackers can log into the device with administrative privileges. This could allow the attacker to have unauthorized access.
nvd
CVE-2012-5864P2CRITICALCVSS 10.0PoCfixed in 2.0.2870_xxx_2.2.122012-11-23
CVE-2012-5864 [CRITICAL] CWE-287 CVE-2012-5864: These Sinapsi devices do not check if users that visit pages within the device have properly authe These Sinapsi devices do not check if users that visit pages within the device have properly authenticated. By directly visiting the pages within the device, attackers can gain unauthorized access with administrative privileges.
nvd
CVE-2012-5861P3HIGHCVSS 7.5PoCfixed in 2.0.2870_xxx_2.2.122012-11-23
CVE-2012-5861 [HIGH] CWE-89 CVE-2012-5861: These Sinapsi devices do not check the validity of the data before executing queries. By accessing These Sinapsi devices do not check the validity of the data before executing queries. By accessing the SQL table of certain pages that do not require authentication within the device, attackers can leak information from the device. This could allow the attacker to compromise confidentiality.
nvd
Sinapsi Esolar vulnerabilities | cvebase