Tesla SolarCity Solar Monitoring Gateway through 5.46.43 has a "Use of Hard-coded Credentials" issue because Digi ConnectPort X2e uses a .pyc file to store the cleartext password for the python user account.
https://www.fireeye.com/blog/threat-research/2021/02/solarcity-exploitation-of-x2e-iot-device-part-one.html
https://www.fireeye.com/blog/threat-research.html
https://github.com/fireeye/Vulnerability-Disclosures/blob/master/FEYE-2020-0019/FEYE-2020-0019.md
https://www.fireeye.com/blog/threat-research/2021/02/solarcity-exploitation-of-x2e-iot-device-part-two.html
Source: Mitre, NVD
Published: 2021-02-18
Updated: 2026-06-17
Base Score: 5.8
Vector: CVSS2#AV:A/AC:L/Au:N/C:P/I:P/A:P
Severity: Medium
Base Score: 8.8
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Severity: High
EPSS: 0.00222