CVE-2017-5146

HIGH

Carlo Gavazzi VMU-C <A11_U05/A17 - Info Disclosure

Title source: llm

Description

An issue was discovered in Carlo Gavazzi VMU-C EM prior to firmware Version A11_U05, and VMU-C PV prior to firmware Version A17. Sensitive information is stored in clear-text.

Exploits (1)

metasploit WORKING POC
rubypoc
https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/http/gavazzi_em_login_loot.rb

References (2)

Scores

CVSS v3 7.5
EPSS 0.6461
EPSS Percentile 98.5%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

CWE
CWE-200
Status published
Products (3)
carlosgavazzi/vmu-c_em_firmware
carlosgavazzi/vmu-c_pv_firmware
n/a/Carlo Gavazzi VMU-C EM and VMU-C PV Carlo Gavazzi VMU-C EM and VMU-C PV
Published Feb 13, 2017
Tracked Since Feb 18, 2026