Lucene search
K

6 matches found

Positive Technologies
Positive Technologies
added 2025/04/15 12:0 a.m.6 views

PT-2025-16533

Name of the Vulnerable Software and Affected Versions The product name cannot be determined. Description The issue allows unauthenticated attackers to retrieve the serial number of smart meters associated with a specific user account. This is a significant concern as it could potentially be used ...

6.9CVSS6.5AI score0.00273EPSS
Exploits0References7
Cvelist
Cvelist
added 2023/11/17 12:0 a.m.26 views

CVE-2020-11447

An issue was discovered on Bell HomeHub 3000 SG48222070 devices. Remote authenticated users can retrieve the serial number via cgi/json-req - this is an information leak because the serial number is intended to prove an actor's physical access to the device...

4.4AI score0.00652EPSS
Exploits1References2
NVD
NVD
added 2021/06/16 7:15 p.m.18 views

CVE-2020-25753

An issue was discovered on Enphase Envoy R3.x and D4.x devices with v3 software. The default admin password is set to the last 6 digits of the serial number. The serial number can be retrieved by an unauthenticated user at /info.xml...

9.8CVSS0.02231EPSS
Exploits1References3
Prion
Prion
added 2021/06/16 7:15 p.m.16 views

Authentication flaw

An issue was discovered on Enphase Envoy R3.x and D4.x devices. There is a custom PAM module for user authentication that circumvents traditional user authentication. This module uses a password derived from the MD5 hash of the username and serial number. The serial number can be retrieved by an...

5CVSS7.8AI score0.01339EPSS
Exploits1References3Affected Software1
Prion
Prion
added 2021/06/16 7:15 p.m.16 views

Default credentials

An issue was discovered on Enphase Envoy R3.x and D4.x devices with v3 software. The default admin password is set to the last 6 digits of the serial number. The serial number can be retrieved by an unauthenticated user at /info.xml...

7.5CVSS9.6AI score0.02231EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2021/06/16 6:26 p.m.23 views

CVE-2020-25753

An issue was discovered on Enphase Envoy R3.x and D4.x devices with v3 software. The default admin password is set to the last 6 digits of the serial number. The serial number can be retrieved by an unauthenticated user at /info.xml...

9.7AI score0.02231EPSS
Exploits1References3
Rows per page
Query Builder