Growatt Cloud Applications Information Disclosure Vulnerability (CNVD-2025-14963)

Growatt Cloud Applications is a monitoring platform from Growatt in China. An information disclosure vulnerability exists in Growatt Cloud Applications version 3.6.0 and prior versions, which can be exploited by an unauthenticated attacker to query the total energy consumption information of any...

Growatt Cloud Applications Information Disclosure Vulnerability (CNVD-2025-14964)

Growatt Cloud Applications is a monitoring platform from Growatt in China. An information disclosure vulnerability exists in Growatt Cloud Applications version 3.6.0 and prior versions, which can be exploited by an unauthenticated attacker to obtain a list of smart devices via a valid username...

Growatt Cloud Applications Information Disclosure Vulnerability (CNVD-2025-14959)

Growatt Cloud Applications is a monitoring platform from Growatt in China. An information disclosure vulnerability exists in Growatt Cloud Applications version 3.6.0 and prior versions, which can be exploited by an unauthenticated attacker to obtain a user's plant list by username...

Growatt Cloud Applications Authorization Bypass Vulnerability (CNVD-2025-14960)

Growatt Cloud Applications is a monitoring platform from Growatt in China. An authorization bypass vulnerability exists in Growatt Cloud Applications 3.6.0 and prior versions, which can be exploited by an unauthenticated attacker to obtain a user's email by knowing the username, resulting in a...

Growatt Cloud Applications Authorization Bypass Vulnerability

Growatt Cloud Applications is a monitoring platform from Growatt in China. An authorization bypass vulnerability exists in Growatt Cloud Applications version 3.6.0 and prior versions, which can be exploited by an unauthenticated attacker to obtain restricted information about a user's smart devic...

Growatt Cloud Applications Information Disclosure Vulnerability (CNVD-2025-14965)

Growatt Cloud Applications is a monitoring platform from Growatt in China. An information disclosure vulnerability exists in Growatt Cloud Applications version 3.6.0 and prior versions, which can be exploited by an unauthenticated attacker to obtain information about another user's electric vehic...

Growatt Cloud Applications Security Bypass Vulnerability (CNVD-2025-14962)

Growatt Cloud Applications is a monitoring platform from Growatt in China. A security bypass vulnerability exists in Growatt Cloud Applications version 3.6.0 and prior versions, which can be exploited by an unauthenticated attacker to add another user's device to a scenario...

Growatt Cloud Applications Information Disclosure Vulnerability

Growatt Cloud Applications is a monitoring platform from Growatt in China. An information disclosure vulnerability exists in Growatt Cloud Applications version 3.6.0 and prior versions, which can be exploited by an unauthenticated attacker to query API endpoints and obtain device details...

Growatt Cloud Applications Security Bypass Vulnerability

Growatt Cloud Applications is a monitoring platform from Growatt in China. A security bypass vulnerability exists in Growatt Cloud Applications version 3.6.0 and prior versions, which can be exploited by unauthenticated attackers to send configuration settings and potentially perform physical...

CVE-2025-31933 Growatt Cloud Applications Authorization Bypass Through User-Controlled Key

An unauthenticated attacker can check the existence of usernames in the system by querying an API...

CVE-2025-31933

CVE-2025-31933 affects Growatt Cloud Applications. An unauthenticated attacker can enumerate usernames by querying an API; CNNVD cites affected versions 3.6.0 and earlier. The issue originates from unauthenticated access to a username list via the API. Red Hat and NVD entries corroborate the basi...

CVE-2025-30511

Growatt Cloud Applications (monitors) is affected by CVE-2025-30511. An authenticated attacker can trigger a stored XSS by exploiting improper sanitization of the plant name value when adding or editing a plant. Documented impact is stored XSS in user spaces; no exploit details are provided beyon...

CVE-2025-30511 Growatt Cloud Applications Cross-site Scripting

An authenticated attacker can achieve stored XSS by exploiting improper sanitization of the plant name value while adding or editing a plant...

CVE-2025-30511 Growatt Cloud Applications Cross-site Scripting

An authenticated attacker can achieve stored XSS by exploiting improper sanitization of the plant name value while adding or editing a plant...

Growatt Cloud Applications 安全漏洞

Growatt Cloud Applications is a monitoring platform from Growatt, a Chinese company. A security vulnerability exists in Growatt Cloud Applications version 3.6.0 and prior versions, which originates from an unauthenticated attacker being able to infer the presence of a username on the system...

Growatt Cloud Applications 安全漏洞

Growatt Cloud Applications is a monitoring platform from Growatt, a Chinese company. A security vulnerability exists in Growatt Cloud Applications version 3.6.0 and earlier, which originates from an unauthenticated attacker being able to obtain restricted information about a user's collection of...

Growatt Cloud Applications 安全漏洞

Growatt Cloud Applications is a monitoring platform from Growatt, a Chinese company. A security vulnerability exists in Growatt Cloud Applications version 3.6.0 and prior versions, which originates from an unauthenticated attacker being able to gain access to other users' charger information...

Growatt Cloud Applications 安全漏洞

Growatt Cloud Applications is a monitoring platform from Growatt in China. An information disclosure vulnerability exists in Growatt Cloud Applications version 3.6.0 and prior versions, which can be exploited by an unauthenticated attacker to obtain information about another user's electric vehic...

Growatt Cloud Applications 安全漏洞

Growatt Cloud Applications is a monitoring platform from Growatt in China. An information disclosure vulnerability exists in Growatt Cloud Applications version 3.6.0 and prior versions, which can be exploited by an unauthenticated attacker to query the total energy consumption information of any...

Growatt Cloud Applications 安全漏洞

Growatt Cloud Applications is a monitoring platform from Growatt, a Chinese company. A security vulnerability exists in Growatt Cloud Applications version 3.6.0 and earlier, which originates from an unauthenticated attacker who can trigger device actions related to specific scenarios...