CVE-2012-5863

CVE-2012-5863: Sinapsi eSolar OS Command Injection

Vendor Sinapsi

Product eSolar

Weakness CWE-78

Published November 23, 2012

Last update July 8, 2025

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

These Sinapsi devices do not check for special elements in commands sent to the system. By accessing certain pages with administrative privileges that do not require authentication within the device, attackers can execute arbitrary, unexpected, or dangerous commands directly onto the operating system.

Key dates

02Disclosure timeline

November 23, 2012 CVE published

July 8, 2025 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2012-5863 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/78.html

Related vulnerabilities

Identifiers

CVE CVE-2012-5863

CWE CWE-78

Affected versions

Vendor Sinapsi

Product eSolar

Affected < 2.0.2870_xxx_2.2.12

Vendor Sinapsi

Product eSolar DUO

Affected < 2.0.2870_xxx_2.2.12

Vendor Sinapsi

Product eSolar Light

Affected < 2.0.2870_xxx_2.2.12

CVE-2012-5863: Sinapsi eSolar OS Command Injection

01Description

02Disclosure timeline

03References

04Related CVE