CVE-2012-6428
Carlo Gavazzi EOS-Box < 1.0.0.1080_2.1.10 - Hard-coded Passwords in PHP File
Title source: llmDescription
The Carlo Gavazzi EOS-Box stores hard-coded passwords in the PHP file of the device. By using the hard-coded passwords, attackers can log into the device with administrative privileges. This could allow the attacker to have unauthorized access.
References (2)
Core 2
Core References
US Government Resource
http://www.us-cert.gov/control_systems/pdf/ICSA-12-354-02.pdf
Third Party Advisory, US Government Resource
https://www.cisa.gov/news-events/ics-advisories/icsa-12-354-02
Scores
EPSS
0.0139
EPSS Percentile
68.8%
Details
CWE
CWE-255
CWE-798
Status
published
Products (3)
Carlo Gavazzi Automation/EOS-Box
< 1.0.0.1080_2.1.10
carlosgavazzi/eos-box_photovoltaic_monitoring_system
carlosgavazzi/eos-box_photovoltaic_monitoring_system_firmware
< 1.0.0
Published
Dec 23, 2012
Tracked Since
Feb 18, 2026