Lucene search
K

146 matches found

CVE
CVE
added 2021/12/07 8:41 p.m.44 views

CVE-2021-34544

CVE-2021-34544 affects Solar-Log 500 (and related models) where cleartext passwords are stored in /export.html, /email.html, and /sms.html. The issue exists in Solar-Log 500 prior to 2.8.2 Build 52 (dated 23.04.2013) and is mitigated by upgrading to Solar-Log 3.0.0-60 or later (3.0.0-60 fixed 11....

6.5CVSS6.3AI score0.00997EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2021/12/07 8:39 p.m.25 views

CVE-2021-34543

The web administration server in Solar-Log 500 before 2.8.2 Build 52 does not require authentication, which allows remote attackers to gain administrative privileges by connecting to the server. As a result, the attacker can modify configuration files and change the system status. Fixed with...

7.9AI score0.02934EPSS
Exploits1References3
CVE
CVE
added 2021/12/07 8:39 p.m.40 views

CVE-2021-34543

CVE-2021-34543 affects Solar-Log 500 (and related SL models) where the web administration server before version 2.8.2 Build 52 does not require authentication, enabling remote attackers to gain administrative privileges by connecting to the server and modify configuration files or system status. ...

7.5CVSS7.7AI score0.02934EPSS
Exploits1References3Affected Software1
Positive Technologies
Positive Technologies
added 2021/12/07 12:0 a.m.4 views

PT-2021-20538 · Unknown · Solar-Log 500

Name of the Vulnerable Software and Affected Versions: Solar-Log 500 versions prior to 2.8.2 Build 52 Description: The web administration server does not require authentication, allowing remote attackers to gain administrative privileges by connecting to the server. This enables the attacker to...

7.5CVSS7.7AI score0.02934EPSS
Exploits1References7
CNNVD
CNNVD
added 2021/12/07 12:0 a.m.4 views

Solar-Log 500 访问控制错误漏洞

Solar-Log is a data logger for monitoring PV plants from Solar-Log GmbH in Germany. Solar-Log 500 has a security vulnerability that could be exploited by an attacker to gain administrative privileges by connecting to the server...

7.5CVSS5.6AI score0.02934EPSS
Exploits1References3
CNNVD
CNNVD
added 2021/12/07 12:0 a.m.5 views

Solar-Log 500 安全漏洞

Solar-Log is a data logger used to monitor photovoltaic power plants from Solar-Log GmbH in Germany. Solar-Log 500 has a security vulnerability that could be exploited by an attacker with access to the device to read sensitive information...

6.5CVSS5.6AI score0.00997EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2021/12/07 12:0 a.m.5 views

PT-2021-20539 · Unknown · Solar-Log 200 +2

Name of the Vulnerable Software and Affected Versions: Solar-Log 500 versions prior to 2.8.2 Build 52 23.04.2013 Solar-Log 200 versions prior to 3.0.0-60 11.10.2013 Solar-Log 1000 versions prior to 3.0.0-60 11.10.2013 Description: An issue was discovered in the affected software where cleartext...

6.5CVSS6.5AI score0.00997EPSS
Exploits1References7
Packet Storm
Packet Storm
added 2021/06/11 12:0 a.m.142 views

Solar-Log 500 2.8.2 Incorrect Access Control

Exploit Title: Solar-Log 500 2.8.2 - Incorrect Access Control Google Dork: In Shodan search engine, the filter is ""Server: IPC@CHIP"" Date: 2021-06-11 Exploit Author: Luca.Chiou Vendor Homepage: https://www.solar-log.com/en/ Software Link: Firmware for Solar-Log...

0.4AI score
Exploits0
0day.today
0day.today
added 2021/06/11 12:0 a.m.34 views

Solar-Log 500 2.8.2 - Unprotected Storage of Credentials Vulnerability

Exploit Title: Solar-Log 500 2.8.2 - Unprotected Storage of Credentials Google Dork: In Shodan search engine, the filter is ""Server: email protected"" Exploit Author: Luca.Chiou Vendor Homepage: https://www.solar-log.com/en/ Software Link: Firmware for Solar-Log...

7.4AI score
Exploits0
0day.today
0day.today
added 2021/06/11 12:0 a.m.32 views

Solar-Log 500 2.8.2 - Incorrect Access Control Vulnerability

Exploit Title: Solar-Log 500 2.8.2 - Incorrect Access Control Google Dork: In Shodan search engine, the filter is ""Server: email protected"" Exploit Author: Luca.Chiou Vendor Homepage: https://www.solar-log.com/en/ Software Link: Firmware for Solar-Log...

0.8AI score
Exploits0
Packet Storm
Packet Storm
added 2021/06/11 12:0 a.m.167 views

Solar-Log 500 2.8.2 Password Disclosure

Exploit Title: Solar-Log 500 2.8.2 - Unprotected Storage of Credentials Google Dork: In Shodan search engine, the filter is ""Server: IPC@CHIP"" Date: 2021-06-11 Exploit Author: Luca.Chiou Vendor Homepage: https://www.solar-log.com/en/ Software Link: Firmware for Solar-Log...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/06/11 12:0 a.m.177 views

Solar-Log 500 2.8.2 - Incorrect Access Control

Exploit Title: Solar-Log 500 2.8.2 - Incorrect Access Control Google Dork: In Shodan search engine, the filter is ""Server: IPC@CHIP"" Date: 2021-06-11 Exploit Author: Luca.Chiou Vendor Homepage: https://www.solar-log.com/en/ Software Link: Firmware for Solar-Log...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/06/11 12:0 a.m.198 views

Solar-Log 500 2.8.2 - Unprotected Storage of Credentials

Exploit Title: Solar-Log 500 2.8.2 - Unprotected Storage of Credentials Google Dork: In Shodan search engine, the filter is ""Server: IPC@CHIP"" Date: 2021-06-11 Exploit Author: Luca.Chiou Vendor Homepage: https://www.solar-log.com/en/ Software Link: Firmware for Solar-Log...

7.4AI score
Exploits0
CNVD
CNVD
added 2017/03/27 12:0 a.m.3 views

Solare Datensysteme Solar-Log Devices Cross-Site Request Forgery Vulnerability

Solare Datensysteme GmbH is a global service company providing solar monitoring. A cross-site request forgery vulnerability exists in Solare Datensysteme Solar-Log Devices, which can be exploited by an attacker to execute arbitrary script code on a user's browser on an affected website, and can...

7.5AI score
Exploits0References1
Packet Storm
Packet Storm
added 2017/03/22 12:0 a.m.98 views

Solar-Log CSRF / Information Disclosure / DoS / File Upload

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple vulnerabilities product: Solare Datensysteme GmbH Solar-Log 250/300/500/800e/1000/1000 PM+/1200/2000 vulnerable version: Firmware 2.8.4-56 / 3.5.2-85 fixed...

5CVSS6.7AI score0.03202EPSS
Exploits4
0day.today
0day.today
added 2017/03/22 12:0 a.m.73 views

Solare Datensysteme Solar-Log Devices 2.8.4-56 / 3.5.2-85 - Multiple Vulnerabilities

Solare Datensysteme GmbH Solar-Log versions 250, 300, 500, 800e, 1000, 1000 PM+, 1200, and 2000 suffer from cross site request forgery, cross site scripting, file upload, information disclosure, and denial of service vulnerabilities title: Multiple vulnerabilities product: Solare Datensysteme Gmb...

6.9AI score0.03202EPSS
Exploits4
exploitpack
exploitpack
added 2017/03/22 12:0 a.m.77 views

Solare Datensysteme Solar-Log Devices 2.8.4-563.5.2-85 - Multiple Vulnerabilities

Solare Datensysteme Solar-Log Devices 2.8.4-563.5.2-85 - Multiple Vulnerabilities SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple vulnerabilities product: Solare Datensysteme GmbH Solar-Log...

5CVSS0.5AI score0.03202EPSS
Exploits4
Exploit DB
Exploit DB
added 2017/03/22 12:0 a.m.148 views

Solare Datensysteme Solar-Log Devices 2.8.4-56/3.5.2-85 - Multiple Vulnerabilities

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple vulnerabilities product: Solare Datensysteme GmbH Solar-Log 250/300/500/800e/1000/1000 PM+/1200/2000 vulnerable version: Firmware 2.8.4-56 / 3.5.2-85 fixed...

5CVSS6.6AI score0.03202EPSS
Exploits4
BDU FSTEC
BDU FSTEC
added 2016/07/07 12:0 a.m.6 views

The vulnerability of the microprogramming software in the Solar-Log photovoltaic system allows a malicious individual to execute arbitrary code and cause malfunctions in the system.

The vulnerability of the Microprogramming Software in the Solar-log photovoltaic system is related to errors in the code of the default web server component used. Exploiting this vulnerability allows a malicious individual to load files by specifying an arbitrary path, including paths to system...

10CVSS5.9AI score
Exploits0References6Affected Software1
BDU FSTEC
BDU FSTEC
added 2016/07/07 12:0 a.m.8 views

The vulnerability of the microprogramming software in the Solar-Log photovoltaic system allows a remote attacker to gain unauthorized access to confidential information.

The vulnerability of the Microprogramming Software in the Solar-log photovoltaic system arises from the lack of password protection for CGI scripts used for data backup, restoration, and system configuration. Exploiting this vulnerability allows a malicious individual to gain unauthorized access ...

5CVSS5.5AI score
Exploits0References6Affected Software1
Rows per page
Query Builder