Hardcoded Login Password Vulnerability in Enphase Envoy Devices
CVE-2020-25752

5.3MEDIUM

Key Information:

Vendor

Enphase

Status
Envoy Firmware
Vendor
CVE Published:
16 June 2021

What is CVE-2020-25752?

A security issue exists in Enphase Envoy R3.x and D4.x devices where hardcoded passwords for the installer and Enphase accounts are used. These passwords are derived from the MD5 hash of the username concatenated with the serial number, alongside static strings, making it possible for an unauthenticated user to obtain the serial number through the /info.xml endpoint. As these passwords are not modifiable by users and can be easily calculated by attackers, this creates a substantial security risk, potentially leading to unauthorized access.

References

https://enphase.com/en-us/products-and-services/envoy-and...
x_refsource_MISC
https://stage2sec.com
x_refsource_MISC
https://medium.com/stage-2-security/can-solar-controllers...
x_refsource_MISC

CVSS V3.1

Score:
5.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.