1. Home
  2. CVE Database
  3. CVE-2012-5861
HIGH · 7.8

CVE-2012-5861

These Sinapsi devices do not check the validity of the data before executing queries. By accessing the SQL table of certain pages that do not require authentication within the device, attackers can ...

Vulnerability Description

These Sinapsi devices do not check the validity of the data before executing queries. By accessing the SQL table of certain pages that do not require authentication within the device, attackers can leak information from the device. This could allow the attacker to compromise confidentiality.

CVSS Score

7.8

HIGH

AV:N/AC:L/Au:N/C:C/I:N/A:N
Confidentiality
COMPLETE
Integrity
NONE
Availability
NONE

Affected Products

VendorProductVersions
SinapsitechSinapsi Firmware<= 2.0.2870
SinapsitechEsolar Duo Photovoltaic System Monitor-
SinapsitechEsolar Light Photovoltaic System Monitor-
SinapsitechEsolar Photovoltaic System Monitor-

Related Weaknesses (CWE)

CWE-89

References

FAQ

What is CVE-2012-5861?

CVE-2012-5861 is a vulnerability with a CVSS score of 7.8 (HIGH). These Sinapsi devices do not check the validity of the data before executing queries. By accessing the SQL table of certain pages that do not require authentication within the device, attackers can ...

How severe is CVE-2012-5861?

CVE-2012-5861 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2012-5861?

Check the references section above for vendor advisories and patch information. Affected products include: Sinapsitech Sinapsi Firmware, Sinapsitech Esolar Duo Photovoltaic System Monitor, Sinapsitech Esolar Light Photovoltaic System Monitor, Sinapsitech Esolar Photovoltaic System Monitor.