CVE-2012-5864

Sinapsitech Sinapsi Firmware < 2.0.2870 - Authentication Bypass

Title source: rule

Description

These Sinapsi devices do not check if users that visit pages within the device have properly authenticated. By directly visiting the pages within the device, attackers can gain unauthorized access with administrative privileges.

Exploits (1)

exploitdb WRITEUP
by Roberto Paleari · textwebappsphp
https://www.exploit-db.com/exploits/21273

References (7)

Scores

EPSS 0.1826
EPSS Percentile 95.1%

Classification

CWE
CWE-287 CWE-264
Status draft

Affected Products (4)

sinapsitech/sinapsi_firmware < 2.0.2870
sinapsitech/esolar_duo_photovoltaic_system_monitor
sinapsitech/esolar_light_photovoltaic_system_monitor
sinapsitech/esolar_photovoltaic_system_monitor

Timeline

Published Nov 23, 2012
Tracked Since Feb 18, 2026