8 matches found
EUVD-2025-21950
Malicious code in bioql PyPI...
CVE-2025-29757
An incorrect authorisation check in the the 'plant transfer' function of the Growatt cloud service allowed a malicous attacker with a valid account to transfer any plant into his/her account...
CVE-2025-29757
An incorrect authorisation check in the the 'plant transfer' function of the Growatt cloud service allowed a malicous attacker with a valid account to transfer any plant into his/her account...
CVE-2025-29757
An incorrect authorisation check in the the 'plant transfer' function of the Growatt cloud service allowed a malicous attacker with a valid account to transfer any plant into his/her account...
CVE-2025-29757
An incorrect authorisation check in the the 'plant transfer' function of the Growatt cloud service allowed a malicous attacker with a valid account to transfer any plant into his/her account...
CVE-2025-29757
CVE-2025-29757 involves an incorrect authorization check in the Growatt cloud service’s plant transfer function. The vulnerability allows a malicious user with a valid account to transfer any plant into their own account, due to insufficient access control. Affected component: Growatt cloud servi...
PT-2025-30116 · Growatt · Growatt Cloud Service
Name of the Vulnerable Software and Affected Versions: Growatt cloud service affected versions not specified Description: An incorrect authorisation check exists in the 'plant transfer' function. This allows a malicious attacker with a valid account to transfer any plant into their account...
Growatt cloud service 安全漏洞
Growatt cloud service is an OSS management system from Growatt, a Chinese company. A security vulnerability exists in Growatt cloud service, which stems from improper authorization checking and could lead to elevation of privilege...