Search criteria
11 vulnerabilities by enphase
CVE-2024-21876 (GCVE-0-2024-21876)
Vulnerability from cvelistv5 – Published: 2024-08-10 17:44 – Updated: 2025-03-11 13:38
VLAI?
Title
Unauthenticated Path Traversal via URL Parameter in Enphase IQ Gateway version < 8.2.4225
Summary
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability via a URL parameter in Enphase IQ Gateway (formerly known as Envoy) allows an unautheticated attacker to access or create arbitratry files.This issue affects Envoy: from 4.x to 8.x and < 8.2.4225.
Severity ?
CWE
- CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Enphase | IQ Gateway |
Affected:
8.0 , < 8.2.4225
(semver)
Affected: 7.x (semver) Affected: 6.x (semver) Affected: 5.x (semver) Affected: 4.x (semver) |
Credits
Wietse Boonstra (DIVD)
Hidde Smit (DIVD)
Frank Breedijk (DIVD)
Max van der Horst (DIVD)
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:h:enphase:envoy:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "envoy",
"vendor": "enphase",
"versions": [
{
"lessThan": "8.2.4225",
"status": "affected",
"version": "4",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-21876",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-12T15:37:25.286235Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-12T15:38:58.808Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "IQ Gateway",
"vendor": "Enphase",
"versions": [
{
"lessThan": "8.2.4225",
"status": "affected",
"version": "8.0",
"versionType": "semver"
},
{
"status": "affected",
"version": "7.x",
"versionType": "semver"
},
{
"status": "affected",
"version": "6.x",
"versionType": "semver"
},
{
"status": "affected",
"version": "5.x",
"versionType": "semver"
},
{
"status": "affected",
"version": "4.x",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Wietse Boonstra (DIVD)"
},
{
"lang": "en",
"type": "finder",
"value": "Hidde Smit (DIVD)"
},
{
"lang": "en",
"type": "analyst",
"value": "Frank Breedijk (DIVD)"
},
{
"lang": "en",
"type": "analyst",
"value": "Max van der Horst (DIVD)"
}
],
"datePublic": "2024-08-10T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027) vulnerability via a URL parameter in Enphase IQ Gateway (formerly known as Envoy) allows an unautheticated attacker to access or create arbitratry files.\u003cp\u003eThis issue affects Envoy: from 4.x to 8.x and \u0026lt; 8.2.4225.\u003c/p\u003e"
}
],
"value": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027) vulnerability via a URL parameter in Enphase IQ Gateway (formerly known as Envoy) allows an unautheticated attacker to access or create arbitratry files.This issue affects Envoy: from 4.x to 8.x and \u003c 8.2.4225."
}
],
"impacts": [
{
"capecId": "CAPEC-165",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-165 File Manipulation"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "YES",
"Recovery": "NOT_DEFINED",
"Safety": "NEGLIGIBLE",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "DIFFUSE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/S:N/AU:Y/V:D/RE:H",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "HIGH"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV4_0": {
"Automatable": "YES",
"Recovery": "IRRECOVERABLE",
"Safety": "PRESENT",
"attackComplexity": "HIGH",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 9.2,
"baseSeverity": "CRITICAL",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "LOW",
"subConfidentialityImpact": "LOW",
"subIntegrityImpact": "LOW",
"userInteraction": "NONE",
"valueDensity": "CONCENTRATED",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L/S:P/AU:Y/R:I/V:C/RE:H",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "HIGH"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "Chain of CVE-2024-21876, CVE-2024-21877 and CVE-2024-21878"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-11T13:38:30.594Z",
"orgId": "b87402ff-ae37-4194-9dae-31abdbd6f217",
"shortName": "DIVD"
},
"references": [
{
"tags": [
"third-party-advisory"
],
"url": "https://csirt.divd.nl/CVE-2024-21876"
},
{
"tags": [
"related"
],
"url": "https://csirt.divd.nl/DIVD-2024-00011"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://enphase.com/cybersecurity/advisories/ensa-2024-1"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Devices are remotely being updated by the vendor."
}
],
"value": "Devices are remotely being updated by the vendor."
}
],
"source": {
"advisory": "DIVD-2024-00011",
"discovery": "INTERNAL"
},
"title": "Unauthenticated Path Traversal via URL Parameter in Enphase IQ Gateway version \u003c 8.2.4225",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "It is adviced to not expose this device to untrusted network acces. In other words, make sure this decvice is not reachable from the internet, a guest network or a public network."
}
],
"value": "It is adviced to not expose this device to untrusted network acces. In other words, make sure this decvice is not reachable from the internet, a guest network or a public network."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "b87402ff-ae37-4194-9dae-31abdbd6f217",
"assignerShortName": "DIVD",
"cveId": "CVE-2024-21876",
"datePublished": "2024-08-10T17:44:50.205Z",
"dateReserved": "2024-01-02T18:30:11.174Z",
"dateUpdated": "2025-03-11T13:38:30.594Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-21877 (GCVE-0-2024-21877)
Vulnerability from cvelistv5 – Published: 2024-08-10 17:44 – Updated: 2025-03-11 13:38
VLAI?
Title
Insecure File Generation Based on User Input in Enphase IQ Gateway version 4.x to 8.x and < 8.2.4225
Summary
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability through a url parameter in Enphase IQ Gateway (formerly known as Envoy) allows File Manipulation. The endpoint requires authentication.This issue affects Envoy: from 4.x to 8.0 and < 8.2.4225.
Severity ?
CWE
- CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
Credits
Wietse Boonstra (DIVD)
Hidde Smit (DIVD)
Frank Breedijk (DIVD)
Max van der Horst (DIVD)
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:h:enphase:envoy:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "envoy",
"vendor": "enphase",
"versions": [
{
"lessThan": "8.2.4225",
"status": "affected",
"version": "8.0",
"versionType": "semver"
},
{
"status": "affected",
"version": "7x"
},
{
"status": "affected",
"version": "6x"
},
{
"status": "affected",
"version": "5x"
},
{
"status": "affected",
"version": "4x"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-21877",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-12T12:50:11.563069Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-12T12:54:56.952Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Envoy",
"vendor": "Enphase",
"versions": [
{
"lessThan": "8.2.4225",
"status": "affected",
"version": "8.0",
"versionType": "semver"
},
{
"status": "affected",
"version": "7.x",
"versionType": "semver"
},
{
"status": "affected",
"version": "6.x",
"versionType": "semver"
},
{
"status": "affected",
"version": "5.x",
"versionType": "semver"
},
{
"status": "affected",
"version": "4.x",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Wietse Boonstra (DIVD)"
},
{
"lang": "en",
"type": "finder",
"value": "Hidde Smit (DIVD)"
},
{
"lang": "en",
"type": "analyst",
"value": "Frank Breedijk (DIVD)"
},
{
"lang": "en",
"type": "analyst",
"value": "Max van der Horst (DIVD)"
}
],
"datePublic": "2024-08-10T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027) vulnerability through a url parameter in Enphase IQ Gateway (formerly known as Envoy) allows File Manipulation. The endpoint requires authentication.\u003cp\u003eThis issue affects Envoy: from 4.x to 8.0 and\u0026nbsp;\u0026lt; 8.2.4225.\u003c/p\u003e"
}
],
"value": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027) vulnerability through a url parameter in Enphase IQ Gateway (formerly known as Envoy) allows File Manipulation. The endpoint requires authentication.This issue affects Envoy: from 4.x to 8.0 and\u00a0\u003c 8.2.4225."
}
],
"impacts": [
{
"capecId": "CAPEC-165",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-165 File Manipulation"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "YES",
"Recovery": "NOT_DEFINED",
"Safety": "NEGLIGIBLE",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "DIFFUSE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/S:N/AU:Y/V:D/RE:H",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "HIGH"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV4_0": {
"Automatable": "YES",
"Recovery": "IRRECOVERABLE",
"Safety": "PRESENT",
"attackComplexity": "HIGH",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 9.2,
"baseSeverity": "CRITICAL",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "LOW",
"subConfidentialityImpact": "LOW",
"subIntegrityImpact": "LOW",
"userInteraction": "NONE",
"valueDensity": "CONCENTRATED",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L/S:P/AU:Y/R:I/V:C/RE:H",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "HIGH"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "Chain of CVE-2024-21876, CVE-2024-21877 and CVE-2024-21878"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-11T13:38:26.399Z",
"orgId": "b87402ff-ae37-4194-9dae-31abdbd6f217",
"shortName": "DIVD"
},
"references": [
{
"tags": [
"third-party-advisory"
],
"url": "https://csirt.divd.nl/CVE-2024-21877"
},
{
"tags": [
"related"
],
"url": "https://csirt.divd.nl/DIVD-2024-00011"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://enphase.com/cybersecurity/advisories/ensa-2024-2"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Devices are remotely being updated by the vendor."
}
],
"value": "Devices are remotely being updated by the vendor."
}
],
"source": {
"advisory": "DIVD-2024-00011",
"discovery": "INTERNAL"
},
"title": "Insecure File Generation Based on User Input in Enphase IQ Gateway version 4.x to 8.x and \u003c 8.2.4225",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "It is adviced to not expose this device to untrusted network acces. In other words, make sure this decvice is not reachable from the internet, a guest network or a public network."
}
],
"value": "It is adviced to not expose this device to untrusted network acces. In other words, make sure this decvice is not reachable from the internet, a guest network or a public network."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "b87402ff-ae37-4194-9dae-31abdbd6f217",
"assignerShortName": "DIVD",
"cveId": "CVE-2024-21877",
"datePublished": "2024-08-10T17:44:49.284Z",
"dateReserved": "2024-01-02T18:30:11.174Z",
"dateUpdated": "2025-03-11T13:38:26.399Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-21879 (GCVE-0-2024-21879)
Vulnerability from cvelistv5 – Published: 2024-08-10 17:44 – Updated: 2025-03-11 13:38
VLAI?
Title
URL parameter manipulations allows an authenticated attacker to execute arbitrary OS commands in Enphase IQ Gateway v4.x to v8.x and < v8.2.4225
Summary
Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability through an url parameter of an authenticated enpoint in Enphase IQ Gateway (formerly known as Envoy) allows OS Command Injection.This issue affects Envoy: from 4.x to 8.x and < 8.2.4225.
Severity ?
CWE
- CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
Credits
Wietse Boonstra (DIVD)
Hidde Smit (DIVD)
Frank Breedijk (DIVD)
Max van der Horst (DIVD)
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:h:enphase:envoy:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "envoy",
"vendor": "enphase",
"versions": [
{
"lessThan": "8.2.4225",
"status": "affected",
"version": "4.0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-21879",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-12T14:15:03.815464Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-13T13:32:41.547Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Envoy",
"vendor": "Enphase",
"versions": [
{
"lessThan": "8.2.4225",
"status": "affected",
"version": "8.x",
"versionType": "semver"
},
{
"status": "affected",
"version": "7.x",
"versionType": "semver"
},
{
"status": "affected",
"version": "6.x",
"versionType": "semver"
},
{
"status": "affected",
"version": "5.x",
"versionType": "semver"
},
{
"status": "affected",
"version": "4.x",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Wietse Boonstra (DIVD)"
},
{
"lang": "en",
"type": "finder",
"value": "Hidde Smit (DIVD)"
},
{
"lang": "en",
"type": "analyst",
"value": "Frank Breedijk (DIVD)"
},
{
"lang": "en",
"type": "analyst",
"value": "Max van der Horst (DIVD)"
}
],
"datePublic": "2024-08-10T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027) vulnerability through an url parameter of an authenticated enpoint in Enphase IQ Gateway (formerly known as Envoy) allows OS Command Injection.\u003cp\u003eThis issue affects Envoy: from 4.x to 8.x and \u0026lt; 8.2.4225.\u003c/p\u003e"
}
],
"value": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027) vulnerability through an url parameter of an authenticated enpoint in Enphase IQ Gateway (formerly known as Envoy) allows OS Command Injection.This issue affects Envoy: from 4.x to 8.x and \u003c 8.2.4225."
}
],
"impacts": [
{
"capecId": "CAPEC-88",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-88 OS Command Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "YES",
"Recovery": "IRRECOVERABLE",
"Safety": "PRESENT",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "LOW",
"subConfidentialityImpact": "LOW",
"subIntegrityImpact": "LOW",
"userInteraction": "NONE",
"valueDensity": "CONCENTRATED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L/S:P/AU:Y/R:I/V:C/RE:H",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "HIGH"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "CWE-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-11T13:38:27.809Z",
"orgId": "b87402ff-ae37-4194-9dae-31abdbd6f217",
"shortName": "DIVD"
},
"references": [
{
"tags": [
"third-party-advisory"
],
"url": "https://csirt.divd.nl/CVE-2024-21879"
},
{
"tags": [
"related"
],
"url": "https://csirt.divd.nl/DIVD-2024-00011"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://enphase.com/cybersecurity/advisories/ensa-2024-4"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Devices are remotely being updated by the vendor."
}
],
"value": "Devices are remotely being updated by the vendor."
}
],
"source": {
"advisory": "DIVD-2024-00011",
"discovery": "INTERNAL"
},
"title": "URL parameter manipulations allows an authenticated attacker to execute arbitrary OS commands in Enphase IQ Gateway v4.x to v8.x and \u003c v8.2.4225",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "It is adviced to not expose this device to untrusted network acces. In other words, make sure this decvice is not reachable from the internet, a guest network or a public network."
}
],
"value": "It is adviced to not expose this device to untrusted network acces. In other words, make sure this decvice is not reachable from the internet, a guest network or a public network."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "b87402ff-ae37-4194-9dae-31abdbd6f217",
"assignerShortName": "DIVD",
"cveId": "CVE-2024-21879",
"datePublished": "2024-08-10T17:44:49.728Z",
"dateReserved": "2024-01-02T18:30:11.175Z",
"dateUpdated": "2025-03-11T13:38:27.809Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-21881 (GCVE-0-2024-21881)
Vulnerability from cvelistv5 – Published: 2024-08-10 17:44 – Updated: 2025-03-11 13:38
VLAI?
Title
Upload of encrypted packages allows authenticated command execution in Enphase IQ Gateway v4.x and v5.x
Summary
Inadequate Encryption Strength vulnerability allow an authenticated attacker to execute arbitrary OS Commands via encrypted package upload.This issue affects Envoy: 4.x and 5.x
Severity ?
CWE
- CWE-326 - Inadequate Encryption Strength
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
Credits
Wietse Boonstra (DIVD)
Hidde Smit (DIVD)
Frank Breedijk (DIVD)
Max van der Horst (DIVD)
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:h:enphase:envoy:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "envoy",
"vendor": "enphase",
"versions": [
{
"status": "affected",
"version": "4.x"
},
{
"status": "affected",
"version": "5.x"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-21881",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-12T16:33:02.874377Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-12T16:37:24.533Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Envoy",
"vendor": "Enphase",
"versions": [
{
"status": "affected",
"version": "5.x",
"versionType": "semver"
},
{
"status": "affected",
"version": "4.x",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Wietse Boonstra (DIVD)"
},
{
"lang": "en",
"type": "finder",
"value": "Hidde Smit (DIVD)"
},
{
"lang": "en",
"type": "analyst",
"value": "Frank Breedijk (DIVD)"
},
{
"lang": "en",
"type": "analyst",
"value": "Max van der Horst (DIVD)"
}
],
"datePublic": "2024-08-10T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Inadequate Encryption Strength vulnerability allow an authenticated attacker to execute arbitrary OS Commands via encrypted package upload.\u003cp\u003eThis issue affects Envoy: 4.x and 5.x\u003c/p\u003e"
}
],
"value": "Inadequate Encryption Strength vulnerability allow an authenticated attacker to execute arbitrary OS Commands via encrypted package upload.This issue affects Envoy: 4.x and 5.x"
}
],
"impacts": [
{
"capecId": "CAPEC-88",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-88 OS Command Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "YES",
"Recovery": "IRRECOVERABLE",
"Safety": "PRESENT",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "LOW",
"subConfidentialityImpact": "LOW",
"subIntegrityImpact": "LOW",
"userInteraction": "NONE",
"valueDensity": "CONCENTRATED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L/S:P/AU:Y/R:I/V:C/RE:H",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "HIGH"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-326",
"description": "CWE-326 Inadequate Encryption Strength",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-11T13:38:24.981Z",
"orgId": "b87402ff-ae37-4194-9dae-31abdbd6f217",
"shortName": "DIVD"
},
"references": [
{
"tags": [
"third-party-advisory"
],
"url": "https://csirt.divd.nl/CVE-2024-21881"
},
{
"tags": [
"related"
],
"url": "https://csirt.divd.nl/DIVD-2024-00011"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://enphase.com/cybersecurity/advisories/ensa-2024-6"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Devices are remotely being updated by the vendor."
}
],
"value": "Devices are remotely being updated by the vendor."
}
],
"source": {
"advisory": "DIVD-2024-00011",
"discovery": "INTERNAL"
},
"title": "Upload of encrypted packages allows authenticated command execution in Enphase IQ Gateway v4.x and v5.x",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "It is adviced to not expose this device to untrusted network acces. In other words, make sure this decvice is not reachable from the internet, a guest network or a public network."
}
],
"value": "It is adviced to not expose this device to untrusted network acces. In other words, make sure this decvice is not reachable from the internet, a guest network or a public network."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "b87402ff-ae37-4194-9dae-31abdbd6f217",
"assignerShortName": "DIVD",
"cveId": "CVE-2024-21881",
"datePublished": "2024-08-10T17:44:48.033Z",
"dateReserved": "2024-01-02T18:30:11.175Z",
"dateUpdated": "2025-03-11T13:38:24.981Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-21880 (GCVE-0-2024-21880)
Vulnerability from cvelistv5 – Published: 2024-08-10 17:44 – Updated: 2025-03-11 13:38
VLAI?
Title
URL parameter manipulations allows an authenticated attacker to execute arbitrary OS commands in Enphase IQ Gateway version 4.x <= 7.x
Summary
Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability via the url parameter of an authenticated enpoint in Enphase IQ Gateway (formerly known as Enphase) allows OS Command Injection.This issue affects Envoy: 4.x <= 7.x
Severity ?
CWE
- CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
Credits
Wietse Boonstra (DIVD)
Hidde Smit (DIVD)
Frank Breedijk (DIVD)
Max van der Horst (DIVD)
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:h:enphase:envoy:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "envoy",
"vendor": "enphase",
"versions": [
{
"lessThanOrEqual": "7.x",
"status": "affected",
"version": "4.x",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-21880",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-13T15:35:30.666411Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-13T15:49:26.290Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Envoy",
"vendor": "Enphase",
"versions": [
{
"status": "affected",
"version": "7.x",
"versionType": "semver"
},
{
"status": "affected",
"version": "6.x",
"versionType": "semver"
},
{
"status": "affected",
"version": "5.x",
"versionType": "semver"
},
{
"status": "affected",
"version": "4.x",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Wietse Boonstra (DIVD)"
},
{
"lang": "en",
"type": "finder",
"value": "Hidde Smit (DIVD)"
},
{
"lang": "en",
"type": "analyst",
"value": "Frank Breedijk (DIVD)"
},
{
"lang": "en",
"type": "analyst",
"value": "Max van der Horst (DIVD)"
}
],
"datePublic": "2024-08-10T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027) vulnerability via the url parameter of an authenticated enpoint in Enphase IQ Gateway (formerly known as Enphase) allows OS Command Injection.\u003cp\u003eThis issue affects Envoy: 4.x \u0026lt;= 7.x\u003c/p\u003e"
}
],
"value": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027) vulnerability via the url parameter of an authenticated enpoint in Enphase IQ Gateway (formerly known as Enphase) allows OS Command Injection.This issue affects Envoy: 4.x \u003c= 7.x"
}
],
"impacts": [
{
"capecId": "CAPEC-88",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-88 OS Command Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "YES",
"Recovery": "IRRECOVERABLE",
"Safety": "PRESENT",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "LOW",
"subConfidentialityImpact": "LOW",
"subIntegrityImpact": "LOW",
"userInteraction": "NONE",
"valueDensity": "CONCENTRATED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L/S:P/AU:Y/R:I/V:C/RE:H",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "HIGH"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "CWE-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-11T13:38:29.210Z",
"orgId": "b87402ff-ae37-4194-9dae-31abdbd6f217",
"shortName": "DIVD"
},
"references": [
{
"tags": [
"third-party-advisory"
],
"url": "https://csirt.divd.nl/CVE-2024-21880"
},
{
"tags": [
"related"
],
"url": "https://csirt.divd.nl/DIVD-2024-00011"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://enphase.com/cybersecurity/advisories/ensa-2024-5"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Devices are remotely being updated by the vendor."
}
],
"value": "Devices are remotely being updated by the vendor."
}
],
"source": {
"advisory": "DIVD-2024-00011",
"discovery": "INTERNAL"
},
"title": "URL parameter manipulations allows an authenticated attacker to execute arbitrary OS commands in Enphase IQ Gateway version 4.x \u003c= 7.x",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "It is adviced to not expose this device to untrusted network acces. In other words, make sure this decvice is not reachable from the internet, a guest network or a public network."
}
],
"value": "It is adviced to not expose this device to untrusted network acces. In other words, make sure this decvice is not reachable from the internet, a guest network or a public network."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "b87402ff-ae37-4194-9dae-31abdbd6f217",
"assignerShortName": "DIVD",
"cveId": "CVE-2024-21880",
"datePublished": "2024-08-10T17:44:48.465Z",
"dateReserved": "2024-01-02T18:30:11.175Z",
"dateUpdated": "2025-03-11T13:38:29.210Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-21878 (GCVE-0-2024-21878)
Vulnerability from cvelistv5 – Published: 2024-08-10 17:44 – Updated: 2025-03-11 13:38
VLAI?
Title
Command Injection through Unsafe File Name Evaluation in internal script in Enphase IQ Gateway v4.x to and including 8.x
Summary
Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in Enphase IQ Gateway (formerly known as Envoy) allows OS Command Injection. This vulnerability is present in an internal script.This issue affects Envoy: from 4.x up to and including 8.x and is currently unpatched.
Severity ?
CWE
- CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
Credits
Wietse Boonstra (DIVD)
Hidde Smit (DIVD)
Frank Breedijk (DIVD)
Max van der Horst (DIVD)
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:h:enphase:envoy:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "envoy",
"vendor": "enphase",
"versions": [
{
"lessThan": "8.2.4225",
"status": "affected",
"version": "4.0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-21878",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-12T14:27:02.414547Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-12T14:30:47.907Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Envoy",
"vendor": "Enphase",
"versions": [
{
"lessThan": "8.2.4225",
"status": "affected",
"version": "8.x",
"versionType": "semver"
},
{
"status": "affected",
"version": "7.x",
"versionType": "semver"
},
{
"status": "affected",
"version": "6.x",
"versionType": "semver"
},
{
"status": "affected",
"version": "5.x",
"versionType": "semver"
},
{
"status": "affected",
"version": "4.x",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Wietse Boonstra (DIVD)"
},
{
"lang": "en",
"type": "finder",
"value": "Hidde Smit (DIVD)"
},
{
"lang": "en",
"type": "analyst",
"value": "Frank Breedijk (DIVD)"
},
{
"lang": "en",
"type": "analyst",
"value": "Max van der Horst (DIVD)"
}
],
"datePublic": "2024-08-10T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027) vulnerability in Enphase IQ Gateway (formerly known as Envoy) allows OS Command Injection. This vulnerability is present in an internal script.\u003cp\u003eThis issue affects Envoy: from 4.x up to and including 8.x and is currently unpatched.\u003c/p\u003e"
}
],
"value": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027) vulnerability in Enphase IQ Gateway (formerly known as Envoy) allows OS Command Injection. This vulnerability is present in an internal script.This issue affects Envoy: from 4.x up to and including 8.x and is currently unpatched."
}
],
"impacts": [
{
"capecId": "CAPEC-88",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-88 OS Command Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "YES",
"Recovery": "IRRECOVERABLE",
"Safety": "PRESENT",
"attackComplexity": "HIGH",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "LOW",
"subConfidentialityImpact": "LOW",
"subIntegrityImpact": "LOW",
"userInteraction": "NONE",
"valueDensity": "CONCENTRATED",
"vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L/S:P/AU:Y/R:I/V:C/RE:H",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "HIGH"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV4_0": {
"Automatable": "YES",
"Recovery": "IRRECOVERABLE",
"Safety": "PRESENT",
"attackComplexity": "HIGH",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 9.2,
"baseSeverity": "CRITICAL",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "LOW",
"subConfidentialityImpact": "LOW",
"subIntegrityImpact": "LOW",
"userInteraction": "NONE",
"valueDensity": "CONCENTRATED",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L/S:P/AU:Y/R:I/V:C/RE:H",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "HIGH"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "Chain of CVE-2024-21876, CVE-2024-21877 and CVE-2024-21878"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "CWE-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-11T13:38:31.973Z",
"orgId": "b87402ff-ae37-4194-9dae-31abdbd6f217",
"shortName": "DIVD"
},
"references": [
{
"tags": [
"third-party-advisory"
],
"url": "https://csirt.divd.nl/CVE-2024-21878"
},
{
"tags": [
"related"
],
"url": "https://csirt.divd.nl/DIVD-2024-00011"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://enphase.com/cybersecurity/advisories/ensa-2024-3"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Devices are remotely being updated by the vendor."
}
],
"value": "Devices are remotely being updated by the vendor."
}
],
"source": {
"advisory": "DIVD-2024-00011",
"discovery": "INTERNAL"
},
"title": "Command Injection through Unsafe File Name Evaluation in internal script in Enphase IQ Gateway v4.x to and including 8.x",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "It is adviced to not expose this device to untrusted network acces. In other words, make sure this decvice is not reachable from the internet, a guest network or a public network.\u003cbr\u003eThis will ensure that the likelihood of any attacks that can get access to the OS and thus abuse this vulnerability is reduced."
}
],
"value": "It is adviced to not expose this device to untrusted network acces. In other words, make sure this decvice is not reachable from the internet, a guest network or a public network.\nThis will ensure that the likelihood of any attacks that can get access to the OS and thus abuse this vulnerability is reduced."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "b87402ff-ae37-4194-9dae-31abdbd6f217",
"assignerShortName": "DIVD",
"cveId": "CVE-2024-21878",
"datePublished": "2024-08-10T17:44:48.892Z",
"dateReserved": "2024-01-02T18:30:11.174Z",
"dateUpdated": "2025-03-11T13:38:31.973Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-33869 (GCVE-0-2023-33869)
Vulnerability from cvelistv5 – Published: 2023-06-20 19:43 – Updated: 2024-12-06 21:34
VLAI?
Title
Enphase Envoy OS Command Injection
Summary
Enphase Envoy versions D7.0.88 is vulnerable to a command injection exploit that may allow an attacker to execute root commands.
Severity ?
6.3 (Medium)
CWE
- CWE-78 - OS Command Injection
Assigner
References
Credits
OBSWCY3F reported this vulnerability to CISA.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T15:54:12.699Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-171-01"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-33869",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-06T21:34:02.472873Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-06T21:34:11.282Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Envoy",
"vendor": "Enphase ",
"versions": [
{
"status": "affected",
"version": " D7.0.88"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "OBSWCY3F reported this vulnerability to CISA."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cp\u003eEnphase Envoy versions D7.0.88 is vulnerable to a command injection exploit that may allow an attacker to execute root commands.\u003c/p\u003e\u003cbr\u003e\n\n"
}
],
"value": "\nEnphase Envoy versions D7.0.88 is vulnerable to a command injection exploit that may allow an attacker to execute root commands.\n\n\n\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 OS Command Injection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-20T19:43:46.809Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-171-01"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Enphase Envoy OS Command Injection",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUsers of the affected products are encouraged to contact \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://support.enphase.com/s/contact-us\"\u003eEnphase Energy support\u003c/a\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;for additional information.\u003c/span\u003e\n\n\u003cbr\u003e"
}
],
"value": "\nUsers of the affected products are encouraged to contact Enphase Energy support https://support.enphase.com/s/contact-us \u00a0for additional information.\n\n\n"
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2023-33869",
"datePublished": "2023-06-20T19:43:46.809Z",
"dateReserved": "2023-05-25T19:20:22.586Z",
"dateUpdated": "2024-12-06T21:34:11.282Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-32274 (GCVE-0-2023-32274)
Vulnerability from cvelistv5 – Published: 2023-06-20 19:38 – Updated: 2024-12-06 21:34
VLAI?
Title
Enphase Installer Toolkit Android App Use of Hard-coded Credentials
Summary
Enphase Installer Toolkit versions 3.27.0 has hard coded credentials embedded in binary code in the Android application. An attacker can exploit this and gain access to sensitive information.
Severity ?
8.6 (High)
CWE
- CWE-798 - Use of Hard-coded Credentials
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Enphase | Enphase Installer Toolkit |
Affected:
3.27.0
|
Credits
OBSWCY3F reported this vulnerability to CISA.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T15:10:24.324Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-171-02"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-32274",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-06T21:34:27.327271Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-06T21:34:38.813Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Enphase Installer Toolkit",
"vendor": "Enphase ",
"versions": [
{
"status": "affected",
"version": "3.27.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "OBSWCY3F reported this vulnerability to CISA."
}
],
"datePublic": "2023-06-20T19:36:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cp\u003e\u003c/p\u003e\n\n\u003cp\u003eEnphase Installer Toolkit versions 3.27.0 has hard coded credentials embedded in binary code in the Android application. An attacker can exploit this and gain access to sensitive information.\u003c/p\u003e\u003cbr\u003e\n\n\u003cbr\u003e\n\n"
}
],
"value": "\n\n\n\n\nEnphase Installer Toolkit versions 3.27.0 has hard coded credentials embedded in binary code in the Android application. An attacker can exploit this and gain access to sensitive information.\n\n\n\n\n\n\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-798",
"description": "CWE-798 Use of Hard-coded Credentials",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-20T19:38:42.467Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-171-02"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Enphase Installer Toolkit Android App Use of Hard-coded Credentials",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUsers of the affected product are encouraged to contact \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://support.enphase.com/s/contact-us\"\u003eEnphase Energy support\u003c/a\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;for additional information.\u003c/span\u003e\n\n\u003cbr\u003e"
}
],
"value": "\nUsers of the affected product are encouraged to contact Enphase Energy support https://support.enphase.com/s/contact-us \u00a0for additional information.\n\n\n"
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2023-32274",
"datePublished": "2023-06-20T19:38:42.467Z",
"dateReserved": "2023-05-25T19:20:22.591Z",
"dateUpdated": "2024-12-06T21:34:38.813Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-7678 (GCVE-0-2019-7678)
Vulnerability from cvelistv5 – Published: 2019-02-09 22:00 – Updated: 2024-08-04 20:54
VLAI?
Summary
A directory traversal vulnerability was discovered in Enphase Envoy R3.*.* via images/, include/, include/js, or include/css on TCP port 8888.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T20:54:28.446Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/pudding2/enphase-energy/blob/master/directory_traversal_1.png"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/pudding2/enphase-energy/blob/master/directory_traversal_exp.txt"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2019-02-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A directory traversal vulnerability was discovered in Enphase Envoy R3.*.* via images/, include/, include/js, or include/css on TCP port 8888."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-02-09T22:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/pudding2/enphase-energy/blob/master/directory_traversal_1.png"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/pudding2/enphase-energy/blob/master/directory_traversal_exp.txt"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-7678",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A directory traversal vulnerability was discovered in Enphase Envoy R3.*.* via images/, include/, include/js, or include/css on TCP port 8888."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/pudding2/enphase-energy/blob/master/directory_traversal_1.png",
"refsource": "MISC",
"url": "https://github.com/pudding2/enphase-energy/blob/master/directory_traversal_1.png"
},
{
"name": "https://github.com/pudding2/enphase-energy/blob/master/directory_traversal_exp.txt",
"refsource": "MISC",
"url": "https://github.com/pudding2/enphase-energy/blob/master/directory_traversal_exp.txt"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-7678",
"datePublished": "2019-02-09T22:00:00",
"dateReserved": "2019-02-09T00:00:00",
"dateUpdated": "2024-08-04T20:54:28.446Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-7676 (GCVE-0-2019-7676)
Vulnerability from cvelistv5 – Published: 2019-02-09 22:00 – Updated: 2024-08-04 20:54
VLAI?
Summary
A weak password vulnerability was discovered in Enphase Envoy R3.*.*. One can login via TCP port 8888 with the admin password for the admin account.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T20:54:27.999Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/pudding2/enphase-energy/blob/master/weak_password_1.png"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/pudding2/enphase-energy/blob/master/weak_password_2.png"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/pudding2/enphase-energy/blob/master/weak_password.txt"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2019-02-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A weak password vulnerability was discovered in Enphase Envoy R3.*.*. One can login via TCP port 8888 with the admin password for the admin account."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-02-09T22:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/pudding2/enphase-energy/blob/master/weak_password_1.png"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/pudding2/enphase-energy/blob/master/weak_password_2.png"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/pudding2/enphase-energy/blob/master/weak_password.txt"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-7676",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A weak password vulnerability was discovered in Enphase Envoy R3.*.*. One can login via TCP port 8888 with the admin password for the admin account."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/pudding2/enphase-energy/blob/master/weak_password_1.png",
"refsource": "MISC",
"url": "https://github.com/pudding2/enphase-energy/blob/master/weak_password_1.png"
},
{
"name": "https://github.com/pudding2/enphase-energy/blob/master/weak_password_2.png",
"refsource": "MISC",
"url": "https://github.com/pudding2/enphase-energy/blob/master/weak_password_2.png"
},
{
"name": "https://github.com/pudding2/enphase-energy/blob/master/weak_password.txt",
"refsource": "MISC",
"url": "https://github.com/pudding2/enphase-energy/blob/master/weak_password.txt"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-7676",
"datePublished": "2019-02-09T22:00:00",
"dateReserved": "2019-02-09T00:00:00",
"dateUpdated": "2024-08-04T20:54:27.999Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-7677 (GCVE-0-2019-7677)
Vulnerability from cvelistv5 – Published: 2019-02-09 22:00 – Updated: 2024-08-04 20:54
VLAI?
Summary
XSS exists in Enphase Envoy R3.*.* via the profileName parameter to the /home URI on TCP port 8888.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T20:54:28.302Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/pudding2/enphase-energy/blob/master/XSS-exp.txt"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/pudding2/enphase-energy/blob/master/XSS.png"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2019-02-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "XSS exists in Enphase Envoy R3.*.* via the profileName parameter to the /home URI on TCP port 8888."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-02-09T22:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/pudding2/enphase-energy/blob/master/XSS-exp.txt"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/pudding2/enphase-energy/blob/master/XSS.png"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-7677",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "XSS exists in Enphase Envoy R3.*.* via the profileName parameter to the /home URI on TCP port 8888."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/pudding2/enphase-energy/blob/master/XSS-exp.txt",
"refsource": "MISC",
"url": "https://github.com/pudding2/enphase-energy/blob/master/XSS-exp.txt"
},
{
"name": "https://github.com/pudding2/enphase-energy/blob/master/XSS.png",
"refsource": "MISC",
"url": "https://github.com/pudding2/enphase-energy/blob/master/XSS.png"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-7677",
"datePublished": "2019-02-09T22:00:00",
"dateReserved": "2019-02-09T00:00:00",
"dateUpdated": "2024-08-04T20:54:28.302Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}