Danfoss Solar Inverters – Multiple Vulnerabilities

Danfoss Solar Inverters contain a couple vulnerabilities, found in a saved Shodan search. The notes for the search said “mostly TLX series (6-15 kW / inverter)” and the default credentials are admin / admin, which I verified. After that, there is another problem:

Login screen:

danfoss01

Under Setup -> Communication, the credentials of a mail server are stored in plain text. If the default admin login is not changed then an attacker can gain credentials of another server:

danfoss02

The request is made over HTTP via the GET method, not SSL:

danfoss03

The response is in the clear as seen in a proxy:

danfoss04

Advertisements

Tags: , , ,

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s


%d bloggers like this: