Tesla SolarCity Solar Monitoring Gateway Vulnerability: Use of Hard-coded Credentials in Digi ConnectPort X2e

CVE-2020-9306 · HIGH Severity

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Tesla SolarCity Solar Monitoring Gateway through 5.46.43 has a "Use of Hard-coded Credentials" issue because Digi ConnectPort X2e uses a .pyc file to store the cleartext password for the python user account.

Learn more about our User Device Pen Test.