Vulnerabilities > Enphase > Envoy Firmware > d4.0

DATE CVE VULNERABILITY TITLE RISK
2021-06-16 CVE-2020-25752 Use of Hard-coded Credentials vulnerability in Enphase Envoy Firmware D4.0/R3.0
An issue was discovered on Enphase Envoy R3.x and D4.x devices.
network
low complexity
enphase CWE-798
5.0
5.0
2021-06-16 CVE-2020-25753 Unspecified vulnerability in Enphase Envoy Firmware D4.0/R3.0
An issue was discovered on Enphase Envoy R3.x and D4.x devices with v3 software.
network
low complexity
enphase
7.5
7.5
2021-06-16 CVE-2020-25754 Use of Password Hash With Insufficient Computational Effort vulnerability in Enphase Envoy Firmware D4.0/R3.0
An issue was discovered on Enphase Envoy R3.x and D4.x devices.
network
low complexity
enphase CWE-916
5.0
5.0
2021-06-16 CVE-2020-25755 OS Command Injection vulnerability in Enphase Envoy Firmware D4.0/R3.0
An issue was discovered on Enphase Envoy R3.x and D4.x (and other current) devices.
network
low complexity
enphase CWE-78
6.5
6.5