CVEs-PoC/2012/CVE-2012-5862.md

### [CVE-2012-5862](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5862)
![](https://img.shields.io/static/v1?label=Product&message=eSolar%20DUO&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=eSolar%20Light&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=eSolar&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-259&color=brightgreen)

### Description

These Sinapsi devicesstore hard-coded passwords in the PHP file of the device. By using the hard-coded passwords in the device, attackers can log into the device with administrative privileges. This could allow the attacker to have unauthorized access.

### POC

#### Reference
- https://www.cisa.gov/news-events/ics-advisories/icsa-12-325-01

#### Github
No PoCs found on GitHub currently.