Description
The Carlo Gavazzi EOS-Box stores hard-coded passwords in the PHP file of the device. By using the hard-coded passwords, attackers can log into the device with administrative privileges. This could allow the attacker to have unauthorized access.
Affected products
- Carlo Gavazzi Automation / EOS-Box0 – 1.0.0.1080_2.1.10