CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

An issue in Solar-Log 1000 before v2.8.2 and build 52-23.04.2013 was discovered to store plaintext passwords in the export.html, email.html, and sms.html files -- fixed with 3.0.0-60 11.10.2013 for SL 200, 500, 1000 / not existing for SL 250, 300, 1200, 2000, SL 50 Gateway, SL Base...

8.1CVSS7.3AI score0.00091EPSS

Exploits0

RedhatCVE•added 2025/05/23 7:27 a.m.•5 views

CVE-2024-40117

Incorrect access control in Solar-Log 1000 before v2.8.2 and build 52- 23.04.2013 allows attackers to obtain Administrative privileges via connecting to the web administration server. Not existing for SL 200, 500, 1000 / fixed in 4.2.8 for SL 250, 300, 1200, 2000, SL 50 Gateway / fixed in 5.1.2 /...

9.8CVSS7AI score0.00152EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 1:51 a.m.•4 views

CVE-2023-46344

A vulnerability in Solar-Log Base 15 Firmware 6.0.1 Build 161, and possibly other Solar-Log Base products, allows an attacker to escalate their privileges by exploiting a stored cross-site scripting XSS vulnerability in the switch group function under /ilang=DE=csmartenergyswgroups in the web...

5.4CVSS6.1AI score0.00181EPSS

Exploits4References1

RedhatCVE•added 2025/05/23 12:19 a.m.•10 views

CVE-2022-47767

A backdoor in Solar-Log Gateway products allows remote access via web panel gaining super administration privileges to the attacker. This affects Solar-Log devices that use firmware version v4.2.7 up to v5.1.1 included. This does not exist in SL 200, 500, 1000 / fixed in 4.2.8 for SL 250, 300,...

9.8CVSS7.2AI score0.00482EPSS

Exploits1References1

RedhatCVE•added 2025/05/22 9:33 p.m.•4 views

CVE-2021-34544

An issue was discovered in Solar-Log 500 before 2.8.2 Build 52 23.04.2013. In /export.html, email.html, and sms.html, cleartext passwords are stored. This may allow sensitive information to be read by someone with access to the device. Fixed with 3.0.0-60 11.10.2013 for SL 200, 500, 1000 / not...

6.5CVSS6.4AI score0.00396EPSS

Exploits2References1

RedhatCVE•added 2025/05/22 7:51 p.m.•2 views

CVE-2021-34543

The web administration server in Solar-Log 500 before 2.8.2 Build 52 does not require authentication, which allows remote attackers to gain administrative privileges by connecting to the server. As a result, the attacker can modify configuration files and change the system status. Fixed with...

7.5CVSS7.3AI score0.0119EPSS

Exploits2References1

RedhatCVE•added 2025/05/22 10:47 a.m.•5 views

CVE-2017-20019

A vulnerability classified as problematic was found in Solare Solar-Log 2.8.4-56/3.5.2-85. Affected by this vulnerability is an unknown functionality of the component Config Handler. The manipulation leads to information disclosure. The attack can be launched remotely. Upgrading to version 3.5.3-...

7.5CVSS6.5AI score0.00273EPSS

Exploits1References1

RedhatCVE•added 2025/05/22 5:6 a.m.•6 views

CVE-2017-20022

A vulnerability has been found in Solare Solar-Log 2.8.4-56/3.5.2-85 and classified as problematic. This vulnerability affects unknown code. The manipulation leads to information disclosure. The attack can be initiated remotely. Upgrading to version 3.5.3-86 is able to address this issue. It is...

7.5CVSS6.5AI score0.00316EPSS

Exploits1References1

RedhatCVE•added 2025/05/22 1:55 a.m.•4 views

CVE-2017-20024

A vulnerability was found in Solare Solar-Log 2.8.4-56/3.5.2-85. It has been classified as problematic. Affected is an unknown function. The manipulation leads to denial of service. It is possible to launch the attack remotely. Upgrading to version 3.5.3-86 is able to address this issue. It is...

7.5CVSS6.8AI score0.00433EPSS

Exploits1References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by