Unrated severityNVD Advisory· Published Nov 23, 2012· Updated Apr 29, 2026

CVE-2012-5861

Description

These Sinapsi devices do not check the validity of the data before executing queries. By accessing the SQL table of certain pages that do not require authentication within the device, attackers can leak information from the device. This could allow the attacker to compromise confidentiality.

Affected products

Sinapsitech/Sinapsi Firmware
cpe:2.3:o:sinapsitech:sinapsi_firmware:*:*:*:*:*:*:*:*
Range: <=2.0.2870
Sinapsitech/Esolar Duo Photovoltaic System Monitor
cpe:2.3:h:sinapsitech:esolar_duo_photovoltaic_system_monitor:-:*:*:*:*:*:*:*
Sinapsitech/Esolar Light Photovoltaic System Monitor
cpe:2.3:h:sinapsitech:esolar_light_photovoltaic_system_monitor:-:*:*:*:*:*:*:*
Sinapsitech/Esolar Photovoltaic System Monitor
cpe:2.3:h:sinapsitech:esolar_photovoltaic_system_monitor:-:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

archives.neohapsis.com/archives/bugtraq/2012-09/0045.htmlnvdExploit
www.exploit-db.com/exploits/21273/nvdExploit
www.us-cert.gov/control_systems/pdf/ICSA-12-325-01.pdfnvdUS Government Resource
www.sinapsitech.it/default.aspnvd
exchange.xforce.ibmcloud.com/vulnerabilities/80200nvd
exchange.xforce.ibmcloud.com/vulnerabilities/80201nvd
www.cisa.gov/news-events/ics-advisories/icsa-12-325-01nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.011
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000