CVE-2012-6428

CVE-2012-6428: Carlo Gavazzi EOS Box Hard-Coded Credentials

Vendor Carlo Gavazzi Automation
Product EOS-Box
Weakness CWE-798 · Hardcoded credentials
Published December 23, 2012
Last update July 1, 2025

CVSS base score

What the vulnerability does

01Description

The Carlo Gavazzi EOS-Box stores hard-coded passwords in the PHP file of the device. By using the hard-coded passwords, attackers can log into the device with administrative privileges. This could allow the attacker to have unauthorized access.

Key dates

02Disclosure timeline

December 23, 2012 CVE published
July 1, 2025 Record updated