20 matches found
CVE-2021-34544
An issue was discovered in Solar-Log 500 before 2.8.2 Build 52 23.04.2013. In /export.html, email.html, and sms.html, cleartext passwords are stored. This may allow sensitive information to be read by someone with access to the device. Fixed with 3.0.0-60 11.10.2013 for SL 200, 500, 1000 / not...
CVE-2021-34543
The web administration server in Solar-Log 500 before 2.8.2 Build 52 does not require authentication, which allows remote attackers to gain administrative privileges by connecting to the server. As a result, the attacker can modify configuration files and change the system status. Fixed with...
Solar-Log 500 has an unspecified vulnerability (CNVD-2021-100335)
Solar-Log is a data logger for monitoring PV plants from Solar-Log GmbH in Germany. Solar-Log 500 has a security vulnerability that could be exploited by an attacker to gain administrative privileges by connecting to the server...
CVE-2021-34543
The web administration server in Solar-Log 500 before 2.8.2 Build 52 does not require authentication, which allows remote attackers to gain administrative privileges by connecting to the server. As a result, the attacker can modify configuration files and change the system status. Fixed with...
CVE-2021-34544
An issue was discovered in Solar-Log 500 before 2.8.2 Build 52 23.04.2013. In /export.html, email.html, and sms.html, cleartext passwords are stored. This may allow sensitive information to be read by someone with access to the device. Fixed with 3.0.0-60 11.10.2013 for SL 200, 500, 1000 / not...
Default credentials
An issue was discovered in Solar-Log 500 before 2.8.2 Build 52 23.04.2013. In /export.html, email.html, and sms.html, cleartext passwords are stored. This may allow sensitive information to be read by someone with access to the device...
Authentication flaw
The web administration server in Solar-Log 500 before 2.8.2 Build 52 does not require authentication, which allows remote attackers to gain administrative privileges by connecting to the server. As a result, the attacker can modify configuration files and change the system status...
CVE-2021-34544
An issue was discovered in Solar-Log 500 before 2.8.2 Build 52 23.04.2013. In /export.html, email.html, and sms.html, cleartext passwords are stored. This may allow sensitive information to be read by someone with access to the device. Fixed with 3.0.0-60 11.10.2013 for SL 200, 500, 1000 / not...
CVE-2021-34544
CVE-2021-34544 affects Solar-Log 500 (and related models) where cleartext passwords are stored in /export.html, /email.html, and /sms.html. The issue exists in Solar-Log 500 prior to 2.8.2 Build 52 (dated 23.04.2013) and is mitigated by upgrading to Solar-Log 3.0.0-60 or later (3.0.0-60 fixed 11....
CVE-2021-34543
The web administration server in Solar-Log 500 before 2.8.2 Build 52 does not require authentication, which allows remote attackers to gain administrative privileges by connecting to the server. As a result, the attacker can modify configuration files and change the system status. Fixed with...
CVE-2021-34543
CVE-2021-34543 affects Solar-Log 500 (and related SL models) where the web administration server before version 2.8.2 Build 52 does not require authentication, enabling remote attackers to gain administrative privileges by connecting to the server and modify configuration files or system status. ...
Solar-Log 500 安全漏洞
Solar-Log is a data logger used to monitor photovoltaic power plants from Solar-Log GmbH in Germany. Solar-Log 500 has a security vulnerability that could be exploited by an attacker with access to the device to read sensitive information...
Solar-Log 500 访问控制错误漏洞
Solar-Log is a data logger for monitoring PV plants from Solar-Log GmbH in Germany. Solar-Log 500 has a security vulnerability that could be exploited by an attacker to gain administrative privileges by connecting to the server...
PT-2021-20538 · Unknown · Solar-Log 500
Name of the Vulnerable Software and Affected Versions: Solar-Log 500 versions prior to 2.8.2 Build 52 Description: The web administration server does not require authentication, allowing remote attackers to gain administrative privileges by connecting to the server. This enables the attacker to...
Solar-Log 500 2.8.2 - Incorrect Access Control Vulnerability
Exploit Title: Solar-Log 500 2.8.2 - Incorrect Access Control Google Dork: In Shodan search engine, the filter is ""Server: email protected"" Exploit Author: Luca.Chiou Vendor Homepage: https://www.solar-log.com/en/ Software Link: Firmware for Solar-Log...
Solar-Log 500 2.8.2 - Unprotected Storage of Credentials
Exploit Title: Solar-Log 500 2.8.2 - Unprotected Storage of Credentials Google Dork: In Shodan search engine, the filter is ""Server: IPC@CHIP"" Date: 2021-06-11 Exploit Author: Luca.Chiou Vendor Homepage: https://www.solar-log.com/en/ Software Link: Firmware for Solar-Log...
Solar-Log 500 2.8.2 - Unprotected Storage of Credentials Vulnerability
Exploit Title: Solar-Log 500 2.8.2 - Unprotected Storage of Credentials Google Dork: In Shodan search engine, the filter is ""Server: email protected"" Exploit Author: Luca.Chiou Vendor Homepage: https://www.solar-log.com/en/ Software Link: Firmware for Solar-Log...
Solar-Log 500 2.8.2 - Incorrect Access Control
Exploit Title: Solar-Log 500 2.8.2 - Incorrect Access Control Google Dork: In Shodan search engine, the filter is ""Server: IPC@CHIP"" Date: 2021-06-11 Exploit Author: Luca.Chiou Vendor Homepage: https://www.solar-log.com/en/ Software Link: Firmware for Solar-Log...
Solar-Log 500 2.8.2 Password Disclosure
Exploit Title: Solar-Log 500 2.8.2 - Unprotected Storage of Credentials Google Dork: In Shodan search engine, the filter is ""Server: IPC@CHIP"" Date: 2021-06-11 Exploit Author: Luca.Chiou Vendor Homepage: https://www.solar-log.com/en/ Software Link: Firmware for Solar-Log...
Solar-Log 500 2.8.2 Incorrect Access Control
Exploit Title: Solar-Log 500 2.8.2 - Incorrect Access Control Google Dork: In Shodan search engine, the filter is ""Server: IPC@CHIP"" Date: 2021-06-11 Exploit Author: Luca.Chiou Vendor Homepage: https://www.solar-log.com/en/ Software Link: Firmware for Solar-Log...