Envoy 安全漏洞

Envoy is an Enphase open source gateway program for connecting smart home devices. A security vulnerability exists in Envoy versions 1.33.12, 1.34.10, 1.35.6, 1.36.2, and prior versions, which stems from the mTLS certificate matcher incorrectly handling certificates embedded with null bytes, whic...

CVE-2020-25753

An issue was discovered on Enphase Envoy R3.x and D4.x devices with v3 software. The default admin password is set to the last 6 digits of the serial number. The serial number can be retrieved by an unauthenticated user at /info.xml...