{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-22T02:10:31.963","vulnerabilities":[{"cve":{"id":"CVE-2012-5862","sourceIdentifier":"ics-cert@hq.dhs.gov","published":"2012-11-23T12:09:58.430","lastModified":"2026-06-16T23:47:28.807","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"These Sinapsi devices\nstore hard-coded passwords in the PHP file of the device. By using the \nhard-coded passwords in the device, attackers can log into the device \nwith administrative privileges. This could allow the attacker to have \nunauthorized access."},{"lang":"es","value":"login.php en el Sinapsi eSolar Light Photovoltaic System Monitor (también conocido como servidor de gestión Schneider Electric Ezylog photovoltaic SCADA), Sinapsi eSolar, y Sinapsi eSolar DUO con firmware anterior a v2.0.2870_2.2.12 establece múltiples cuentas grabadas en memoria, lo que hace fácil a atacantes remotos obtener acceso administrativo mediante (1) la obtención de contraseñas en texto plano o (2) el hash de la contraseña en este script, como se demostró por una contraseña de astridservice o 36e44c9b64."}],"affected":[{"source":"ics-cert@hq.dhs.gov","affectedData":[{"vendor":"Sinapsi","product":"eSolar","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"2.0.2870_xxx_2.2.12","versionType":"custom","status":"affected"}]},{"vendor":"Sinapsi","product":"eSolar DUO","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"2.0.2870_xxx_2.2.12","versionType":"custom","status":"affected"}]},{"vendor":"Sinapsi","product":"eSolar Light","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"2.0.2870_xxx_2.2.12","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV2":[{"source":"ics-cert@hq.dhs.gov","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:C/I:C/A:C","baseScore":10.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:C/I:C/A:C","baseScore":10.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"ics-cert@hq.dhs.gov","type":"Secondary","description":[{"lang":"en","value":"CWE-259"}]},{"source":"nvd@nist.gov","type":"Secondary","description":[{"lang":"en","value":"CWE-310"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:sinapsitech:sinapsi_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"2.0.2870","matchCriteriaId":"382C527D-16D4-4557-8E68-C4430416DB57"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:h:sinapsitech:esolar_duo_photovoltaic_system_monitor:-:*:*:*:*:*:*:*","matchCriteriaId":"BF238DD2-D119-4652-B63B-9321DFB01A90"},{"vulnerable":true,"criteria":"cpe:2.3:h:sinapsitech:esolar_light_photovoltaic_system_monitor:-:*:*:*:*:*:*:*","matchCriteriaId":"C00B699F-DE3B-4371-B814-DE54038C60A0"},{"vulnerable":true,"criteria":"cpe:2.3:h:sinapsitech:esolar_photovoltaic_system_monitor:-:*:*:*:*:*:*:*","matchCriteriaId":"288B1E9C-52C3-4ACC-807D-F650B850D874"}]}]}],"references":[{"url":"http://archives.neohapsis.com/archives/bugtraq/2012-09/0045.html","source":"ics-cert@hq.dhs.gov","tags":["Exploit"]},{"url":"http://www.exploit-db.com/exploits/21273/","source":"ics-cert@hq.dhs.gov","tags":["Exploit"]},{"url":"http://www.sinapsitech.it/default.asp?active_page_id=78&news_id=88","source":"ics-cert@hq.dhs.gov"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/80200","source":"ics-cert@hq.dhs.gov"},{"url":"https://www.cisa.gov/news-events/ics-advisories/icsa-12-325-01","source":"ics-cert@hq.dhs.gov"},{"url":"http://archives.neohapsis.com/archives/bugtraq/2012-09/0045.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit"]},{"url":"http://www.exploit-db.com/exploits/21273/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit"]},{"url":"http://www.sinapsitech.it/default.asp?active_page_id=78&news_id=88","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.us-cert.gov/control_systems/pdf/ICSA-12-325-01.pdf","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["US Government Resource"]},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/80200","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}