Published: 23/11/2012 Updated: 29/08/2017

CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10

VMScore: 1000

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

ping.php on the Sinapsi eSolar Light Photovoltaic System Monitor (aka Schneider Electric Ezylog photovoltaic SCADA management server), Sinapsi eSolar, and Sinapsi eSolar DUO with firmware prior to 2.0.2870_2.2.12 allows remote malicious users to execute arbitrary commands via shell metacharacters in the ip_dominio parameter.

Vulnerable Product	Search on Vulmon	Subscribe to Product
sinapsitech sinapsi_firmware
sinapsitech esolar_duo_photovoltaic_system_monitor -
sinapsitech esolar_photovoltaic_system_monitor -
sinapsitech esolar_light_photovoltaic_system_monitor -

Multiple vulnerabilities in Ezylog photovoltaic management server ================================================================= [ADVISORY INFORMATION] Title: Multiple vulnerabilities in Ezylog photovoltaic management server Discovery date: 27/08/2012 Release date: 11/09/2012 Credits: Roberto Paleari (roberto@greyhatsit, @rpa ...

CWE-264 http://www.exploit-db.com/exploits/21273/http://archives.neohapsis.com/archives/bugtraq/2012-09/0045.html http://www.us-cert.gov/control_systems/pdf/ICSA-12-325-01.pdf http://www.sinapsitech.it/default.asp?active_page_id=78&news_id=88 https://exchange.xforce.ibmcloud.com/vulnerabilities/80202 https://nvd.nist.gov https://www.exploit-db.com/exploits/21273/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2012-5863

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect