CVE-2012-6428 Information

Description

Carlo Gavazzi EOS-Box with firmware before 1.0.0.1080_2.1.10 establishes multiple hardcoded accounts which makes it easier for remote attackers to obtain administrative access by reading a password in a PHP script a similar issue to CVE-2012-5862.

Reference

http://www.us-cert.gov/control_systems/pdf/ICSA-12-354-02.pdf