An issue was discovered in Solar-Log 500 before 2.8.2 Build 52 23.04.2013. In /export.html, email.html, and sms.html, cleartext passwords are stored. This may allow sensitive information to be read by someone with access to the device.
References
Link | Resource |
---|---|
https://drive.google.com/file/d/1N8Ch1UGNcoocUaPhOe_1mAECOe5kr4pt/view?usp=sharing | Exploit Third Party Advisory |
https://www.exploit-db.com/exploits/49987 | Exploit Third Party Advisory VDB Entry |
https://www.solar-log.com/en/support/firmware/ | Product Release Notes Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2021-12-07T20:41:21
Updated: 2021-12-07T20:41:21
Reserved: 2021-06-10T00:00:00
Link: CVE-2021-34544
JSON object: View
NVD Information
Status : Analyzed
Published: 2021-12-07T21:15:08.217
Modified: 2021-12-09T17:15:35.563
Link: CVE-2021-34544
JSON object: View
Redhat Information
No data.
CWE