3 matches found
CVE-2019-7677
The CVE-2019-7677 entry describes an XSS vulnerability in Enphase Envoy R3.. , exploitable via the profileName parameter on the /home URI served over TCP port 8888. The issue is a client-side or input handling flaw that can allow injection of script/HTML, potentially affecting users accessing the...
CVE-2019-7678
CVE-2019-7678 is a directory traversal vulnerability in Enphase Envoy R3.. exposed on TCP port 8888 via paths images/, include/, include/js, and include/css. The connected records corroborate this as a vulnerability affecting Enphase Envoy R3.. with CVSS v2 base 7.5 (PARTIAL confidentiality/integ...
CVE-2019-7676
CVE-2019-7676 affects Enphase Envoy R3.. ; a weak password vulnerability allows remote attackers to log in to the admin account via TCP port 8888 using the admin password. Reported impact includes partial confidentiality, integrity, and availability. CVSS data from sources indicate base scores of...