Lucene search
K

81 matches found

CNNVD
CNNVD
added 2025/08/19 12:0 a.m.2 views

SMA Solar Technology AG ennexos.sunnyportal.com 安全漏洞

SMA Solar Technology AG ennexos.sunnyportal.com is an online platform of SMA Solar Technology AG, Germany. A security vulnerability exists in SMA Solar Technology AG ennexos.sunnyportal.com that originates from a low-privileged user being able to access other users' information, which could lead ...

6.5CVSS6.4AI score0.00335EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/05/13 12:0 a.m.2 views

SMA Solar Sunny Portal 安全漏洞

SMA Solar Sunny Portal is a photovoltaic data monitoring platform from SMA Solar, Germany. It is used to monitor the operation of PV systems in real time and to obtain performance data. A security vulnerability exists in SMA Solar Sunny Portal that originates from an unauthenticated attacker who...

8.6CVSS6.6AI score0.00345EPSS
Exploits0References1
Check Point Advisories
Check Point Advisories
added 2020/11/21 12:0 a.m.2 views

SMA Solar Technology Sunny WebBox Cross-Site Request Forgery (CVE-2019-13529)

A cross-site request forgery vulnerability exists in SMA Solar Technology Sunny WebBox. A remote attacker can exploit this vulnerability by enticing a target authenticated user to visit a specially crafted page...

6.8CVSS8.2AI score0.0223EPSS
Exploits4
BDU FSTEC
BDU FSTEC
added 2019/12/09 12:0 a.m.7 views

The vulnerability of the microprogramming software in the remote control system for solar panels, SMA Solar Sunny WebBox, related to the manipulation of inter-site requests, allows a intruder to increase their privileges.

The vulnerability of the microprogramming software in the SMA Solar Sunny WebBox remote control system is related to the manipulation of inter-site requests. Exploiting this vulnerability allows a malicious actor to enhance their privileges by using a specially created malicious link...

8.8CVSS7.6AI score0.0223EPSS
Exploits4References4Affected Software1
exploitpack
exploitpack
added 2019/10/10 12:0 a.m.43 views

SMA Solar Technology AG Sunny WebBox device - 1.6 - Cross-Site Request Forgery

SMA Solar Technology AG Sunny WebBox device - 1.6 - Cross-Site Request Forgery Exploit Title: SMA Solar Technology AG Sunny WebBox device - 1.6 - Cross-Site Request Forgery Date: 2019-10-08 Exploit Author: Borja Merino and Eduardo Villaverde Vendor Homepage: https://www.sma.de Version: Firmware...

6.8CVSS0.1AI score0.0223EPSS
Exploits4
0day.today
0day.today
added 2019/10/10 12:0 a.m.97 views

SMA Solar Technology AG Sunny WebBox device - 1.6 - Cross-Site Request Forgery Vulnerability

Exploit for hardware platform in category web applications Exploit Title: SMA Solar Technology AG Sunny WebBox device - 1.6 - Cross-Site Request Forgery Exploit Author: Borja Merino and Eduardo Villaverde Vendor Homepage: https://www.sma.de Version: Firmware Version 1.6 and prior Tested on: Sunny...

6.8CVSS8.6AI score0.0223EPSS
Exploits4
Packet Storm
Packet Storm
added 2019/10/10 12:0 a.m.211 views

SMA Solar Technology AG Sunny WebBox 1.6 Cross Site Request Forgery

Exploit Title: SMA Solar Technology AG Sunny WebBox device - 1.6 - Cross-Site Request Forgery Date: 2019-10-08 Exploit Author: Borja Merino and Eduardo Villaverde Vendor Homepage: https://www.sma.de Version: Firmware Version 1.6 and prior Tested on: Sunny WebBox SMA Solar Device Firmware Version...

8.8AI score0.0223EPSS
Exploits4
Exploit DB
Exploit DB
added 2019/10/10 12:0 a.m.338 views

SMA Solar Technology AG Sunny WebBox device - 1.6 - Cross-Site Request Forgery

Exploit Title: SMA Solar Technology AG Sunny WebBox device - 1.6 - Cross-Site Request Forgery Date: 2019-10-08 Exploit Author: Borja Merino and Eduardo Villaverde Vendor Homepage: https://www.sma.de Version: Firmware Version 1.6 and prior Tested on: Sunny WebBox SMA Solar Device Firmware Version...

8.8CVSS9AI score0.0223EPSS
Exploits4
Symantec
Symantec
added 2019/10/08 12:0 a.m.43 views

SMA Solar Technology AG Sunny WebBox CVE-2019-13529 Cross Site Request Forgery Vulnerability

Description SMA Solar Technology AG Sunny WebBox is prone to a cross-site request-forgery vulnerability. An attacker can exploit this issue to perform certain unauthorized actions and gain access to the affected application. Other attacks are also possible. Sunny WebBox versions 1.6 and prior are...

8.7AI score0.0223EPSS
Exploits4References1Affected Software1
ICS
ICS
added 2019/10/08 12:0 a.m.93 views

SMA Solar Technology AG Sunny WebBox

1. EXECUTIVE SUMMARY CVSS v3 9.6 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: SMA Solar Technology AG Equipment: Sunny WebBox Vulnerability: Cross-Site Request Forgery 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to generate a...

8.8CVSS8.9AI score0.0223EPSS
Exploits4References5
CNVD
CNVD
added 2017/08/10 12:0 a.m.3 views

SMA Solar Technology Sunny Explorer Information Disclosure Vulnerability

SMA Solar Technology Sunny Explorer is a photovoltaic plant management software from SMA Germany. An information disclosure vulnerability exists in SMA Solar Technology Sunny Explorer. An attacker could exploit this vulnerability to obtain information, create and save .txt files...

7.5CVSS7.2AI score0.01724EPSS
Exploits0References1
CNVD
CNVD
added 2017/08/10 12:0 a.m.2 views

SMA Solar Technology inverter denial of service vulnerability

SMA Solar Technology inverter is a photovoltaic inverter device from SMA Germany. A denial of service vulnerability exists in SMA Solar Technology inverter. An attacker could exploit this vulnerability to cause a denial of service crash or inability to communicate with other SMA servers or obtain...

9.8CVSS9.2AI score0.01408EPSS
Exploits0References1
CNVD
CNVD
added 2017/08/10 12:0 a.m.3 views

Unspecified vulnerability in SMA Solar Technology inverter

SMA Solar Technology inverter is a photovoltaic inverter device from SMA Germany. A security vulnerability exists in the SMA Solar Technology inverter. An attacker could exploit this vulnerability by sending specially crafted packets to the inverter to determine the active user account...

7.5CVSS7.5AI score0.02058EPSS
Exploits0References1
CNVD
CNVD
added 2017/08/10 12:0 a.m.3 views

Unspecified vulnerability in SMA Solar Technology inverter (CNVD-2017-27846)

SMA Solar Technology inverter is a photovoltaic inverter device from SMA Germany. A security vulnerability exists in the SMA Solar Technology inverter. An attacker could exploit the vulnerability to change sensitive parameters...

9.8CVSS9.3AI score0.01583EPSS
Exploits0References1
CNVD
CNVD
added 2017/08/10 12:0 a.m.4 views

SMA Solar Technology inverter weak password vulnerability (CNVD-2017-27842)

SMA Solar Technology inverter is a photovoltaic inverter device from SMA Germany. A weak password vulnerability exists in the SMA Solar Technology inverter, which stems from a weak password policy used by the program and can be exploited by an attacker to obtain a password...

9.8CVSS9.5AI score0.01716EPSS
Exploits0References1
NVD
NVD
added 2017/08/05 5:29 p.m.20 views

CVE-2017-9855

An issue was discovered in SMA Solar Technology products. A secondary authentication system is available for Installers called the Grid Guard system. This system uses predictable codes, and a single Grid Guard code can be used on any SMA inverter. Any such code, when combined with the installer...

9.8CVSS9.6AI score0.01583EPSS
Exploits0References3
NVD
NVD
added 2017/08/05 5:29 p.m.26 views

CVE-2017-9862

An issue was discovered in SMA Solar Technology products. When signed into Sunny Explorer with a wrong password, it is possible to create a debug report, disclosing information regarding the application and allowing the attacker to create and save a .txt file with contents to his liking. An...

7.5CVSS7.4AI score0.01724EPSS
Exploits0References3
Prion
Prion
added 2017/08/05 5:29 p.m.13 views

Default credentials

DISPUTED An issue was discovered in SMA Solar Technology products. All inverters have a very weak password policy for the user and installer password. No complexity requirements or length requirements are set. Also, strong passwords are impossible due to a maximum of 12 characters and a limited s...

5CVSS7.3AI score0.01716EPSS
Exploits0References3
Prion
Prion
added 2017/08/05 5:29 p.m.10 views

Code injection

DISPUTED An issue was discovered in SMA Solar Technology products. By sending crafted packets to an inverter and observing the response, active and inactive user accounts can be determined. This aids in further attacks such as a brute force attack as one now knows exactly which users exist and...

5CVSS7AI score0.02058EPSS
Exploits0References3
NVD
NVD
added 2017/08/05 5:29 p.m.17 views

CVE-2017-9854

An issue was discovered in SMA Solar Technology products. By sniffing for specific packets on the localhost, plaintext passwords can be obtained as they are typed into Sunny Explorer by the user. These passwords can then be used to compromise the overall device. NOTE: the vendor reports that...

9.8CVSS9.4AI score0.01127EPSS
Exploits0References3
Rows per page
Query Builder