CVE-2017-5162

CRITICAL

BINOM3 Universal Multifunctional Electric Power Quality Meter Firmware - Unauthenticated Remote Access to Configuration

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2017-5162. Includes Metasploit module auxiliary/scanner/http/binom3_login_config_pass_dump.

AI-analyzed exploit summary This Metasploit module scans for Binom3 Multifunctional Revenue Energy Meter and Power Quality Analyzer management login portals, attempts to brute-force default credentials, and dumps configuration and password files upon successful authentication.

Description

An issue was discovered in BINOM3 Universal Multifunctional Electric Power Quality Meter. Lack of authentication for remote service gives access to application set up and configuration.

Exploits (1)

metasploit WORKING POC
rubypoc
https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/http/binom3_login_config_pass_dump.rb

This Metasploit module scans for Binom3 Multifunctional Revenue Energy Meter and Power Quality Analyzer management login portals, attempts to brute-force default credentials, and dumps configuration and password files upon successful authentication.

Classification
Working Poc 95%
Attack Type
Auth Bypass
Complexity
Trivial
Reliability
Reliable
Target: Binom3 Multifunctional Revenue Energy Meter and Power Quality Analyzer
Auth required
Prerequisites: Network access to the target device · Default credentials or valid credentials
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2
Core References
Third Party Advisory, US Government Resource x_refsource_misc
https://ics-cert.us-cert.gov/advisories/ICSA-17-031-01A
Third Party Advisory, US Government Resource vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/93028

Scores

CVSS v3 9.8
EPSS 0.1261
EPSS Percentile 95.7%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-306
Status published
Products (2)
binom3/universal_multifunctional_electric_power_quality_meter_firmware
n/a/BINOM3 Electric Power Quality Meter BINOM3 Electric Power Quality Meter
Published Feb 13, 2017
Tracked Since Feb 18, 2026