Intrusion Prevention


This indicates an attack attempt against a Command Injection vulnerability in SINAPSI eSolar Light Photovoltaic System Monitor.
The vulnerability is caused by insufficient sanitizing the parameter "ip_dominio" that is passed to "ping.php". It allows a remote attacker to inject arbitrary command via a crafted HTTP Request.

Affected Products

SINAPSI eSolar Light Photovoltaic System Monitor


System Compromise: Remote attackers can execute arbitrary command on vulnerable systems.

Recommended Actions

Currently we are unaware of any vendor supplied patch for this issue.

CVE References