Описание
Enphase Installer Toolkit versions 3.27.0 has hard coded credentials embedded in binary code in the Android application. An attacker can exploit this and gain access to sensitive information.
Ссылки
- Third Party AdvisoryUS Government Resource
- Third Party AdvisoryUS Government Resource
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:enphase:installer_toolkit:3.27.0:*:*:*:*:*:*:*
EPSS
Процентиль: 29%
0.00102
Низкий
8.6 High
CVSS3
7.5 High
CVSS3
Дефекты
CWE-798
Связанные уязвимости
CVSS3: 8.6
github
больше 2 лет назад
Enphase Installer Toolkit versions 3.27.0 has hard coded credentials embedded in binary code in the Android application. An attacker can exploit this and gain access to sensitive information.
EPSS
Процентиль: 29%
0.00102
Низкий
8.6 High
CVSS3
7.5 High
CVSS3
Дефекты
CWE-798