Vulnerabilities (CVE)

Filtered by vendor Bkw Subscribe
Filtered by product Solar-log 500 Firmware
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-34544 1 Bkw 2 Solar-log 500, Solar-log 500 Firmware 2024-11-11 4.0 MEDIUM 6.5 MEDIUM
An issue was discovered in Solar-Log 500 before 2.8.2 Build 52 23.04.2013. In /export.html, email.html, and sms.html, cleartext passwords are stored. This may allow sensitive information to be read by someone with access to the device. Fixed with 3.0.0-60 11.10.2013 for SL 200, 500, 1000 / not existing for SL 250, 300, 1200, 2000, SL 50 Gateway, SL Base.
CVE-2021-34543 1 Bkw 2 Solar-log 500, Solar-log 500 Firmware 2024-11-11 5.0 MEDIUM 7.5 HIGH
The web administration server in Solar-Log 500 before 2.8.2 Build 52 does not require authentication, which allows remote attackers to gain administrative privileges by connecting to the server. As a result, the attacker can modify configuration files and change the system status. Fixed with 3.0.0-60 11.10.2013 for SL 200, 500, 1000 / not existing for SL 250, 300, 1200, 2000, SL 50 Gateway, SL Base.