Vulnerability in Enphase Envoy

CVE-2024-21881

Inadequate Encryption Strength vulnerability allow an authenticated attacker to execute arbitrary OS Commands via encrypted package upload.This issue affects Envoy: 4.x and 5.x

EPSS: 0.003 (20.4th percentile) — read the EPSS interpretation.

Affected products

Weakness classification (CWE)

References