CVE-2012-5863

Summary

These Sinapsi devices do not check for special elements in commands sent to the system. By accessing certain pages with administrative privileges that do not require authentication within the device, attackers can execute arbitrary, unexpected, or dangerous commands directly onto the operating system.

Affected Software

VendorProductVersion RangeStatus
SinapsieSolar0 < 2.0.2870_xxx_2.2.12affected
SinapsieSolar DUO0 < 2.0.2870_xxx_2.2.12affected
SinapsieSolar Light0 < 2.0.2870_xxx_2.2.12affected

Weaknesses

  • CWE-78: CWE-78

ADP Enrichment

CVE Program Container

Additional References

References