Lucene search
IcscertCVE-2012-6427HistoryDec 23, 2012 - 9:55 p.m.
CVE-2012-6427
2012-12-2321:55:01
CWE-89
icscert
web.nvd.nist.gov
31
cve-2012-6427
sql injection
carlo gavazzi eos-box
firmware
remote attackers
nvd
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
8.8
Confidence
Low
EPSS
0.004
Percentile
74.4%
Multiple SQL injection vulnerabilities in Carlo Gavazzi EOS-Box with firmware before 1.0.0.1080_2.1.10 allow remote attackers to execute arbitrary SQL commands via unspecified vectors, a similar issue to CVE-2012-5861.
Affected configurations
Node
carlosgavazzieos-box_photovoltaic_monitoring_system_firmwareRange≤1.0.0
carlosgavazzieos-box_photovoltaic_monitoring_systemMatch-
| Vendor | Product | Version | CPE |
|---|---|---|---|
| carlosgavazzi | eos-box_photovoltaic_monitoring_system_firmware | * | cpe:2.3:o:carlosgavazzi:eos-box_photovoltaic_monitoring_system_firmware:*:*:*:*:*:*:*:* |
| carlosgavazzi | eos-box_photovoltaic_monitoring_system | - | cpe:2.3:h:carlosgavazzi:eos-box_photovoltaic_monitoring_system:-:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2012-6427
2012-12-23 21:00:00
CVE-2012-5861
2012-11-23 11:00:00
prion
prion
Sql injection
2012-12-23 21:55:00
Sql injection
2012-11-23 12:09:00
nvd
nvd
CVE-2012-6427
2012-12-23 21:55:01
CVE-2012-5861
2012-11-23 12:09:58
ics
ics
Carlo Gavazzi EOS Box Multiple Vulnerabilities
2013-08-28 12:00:00
Sinapsi Devices Vulnerabilities
2020-01-10 12:00:00
cve
cve
CVE-2012-5861
2012-11-23 12:09:58
exploitdb
exploitdb
Ezylog Photovoltaic Management Server - Multiple Vulnerabilities
2012-09-12 00:00:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
8.8
Confidence
Low
EPSS
0.004
Percentile
74.4%
Related for CVE-2012-6427