pudding2/enphase-energy

Releases0

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2019-7676 ↗	Feb 9, 2019Saturday, 9 February 2019, 22:29	—	6.5 MEDIUM
A weak password vulnerability was discovered in Enphase Envoy R3... One can login via TCP port 8888 with the admin password for the admin account.
CVE-2019-7677 ↗	Feb 9, 2019Saturday, 9 February 2019, 22:29	—	4.3 MEDIUM
XSS exists in Enphase Envoy R3.. via the profileName parameter to the /home URI on TCP port 8888.
CVE-2019-7678 ↗	Feb 9, 2019Saturday, 9 February 2019, 22:29	—	7.5 HIGH
A directory traversal vulnerability was discovered in Enphase Envoy R3.. via images/, include/, include/js, or include/css on TCP port 8888.