146 matches found
CVE-2023-46344
A vulnerability in Solar-Log Base 15 Firmware 6.0.1 Build 161, and possibly other Solar-Log Base products, allows an attacker to escalate their privileges by exploiting a stored cross-site scripting XSS vulnerability in the switch group function under /ilang=DE&b=csmartenergyswgroups in the web...
Cross site scripting
A vulnerability in Solar-Log Base 15 Firmware 6.0.1 Build 161, and possibly other Solar-Log Base products, allows an attacker to escalate their privileges by exploiting a stored cross-site scripting XSS vulnerability in the switch group function under /ilang=DE&b=csmartenergyswgroups in the web...
CVE-2023-46344
A vulnerability in Solar-Log Base 15 Firmware 6.0.1 Build 161, and possibly other Solar-Log Base products, allows an attacker to escalate their privileges by exploiting a stored cross-site scripting XSS vulnerability in the switch group function under /ilang=DE&b=csmartenergyswgroups in the web...
Solar-Log GmbH Cross-Site Scripting Vulnerability
Solar-Log GmbH is a data logger for monitoring photovoltaic PV power plants from the German company Solar-Log. A cross-site scripting vulnerability exists in Solar-Log GmbH firmware version 15 6.0.1 Build 161, which stems from a vulnerability that allows an attacker to elevate its privileges usin...
CVE-2023-46344
Solar-Log Base 15 firmware 6.0.1 Build 161 is affected by a stored XSS in the switch group function of the web portal (/ #ilang=DE&b=c_smartenergy_swgroups), allowing privilege escalation to installer/PM and potentially admin access. A fix is available in newer Base 15 firmware; vendor guidance c...
CVE-2023-46344
A vulnerability in Solar-Log Base 15 Firmware 6.0.1 Build 161, and possibly other Solar-Log Base products, allows an attacker to escalate their privileges by exploiting a stored cross-site scripting XSS vulnerability in the switch group function under /ilang=DE&b=csmartenergyswgroups in the web...
PT-2023-29965 · Unknown · Solar-Log Base 15 Firmware
Name of the Vulnerable Software and Affected Versions: Solar-Log Base 15 Firmware version 6.0.1 Build 161 Description: A stored cross-site scripting XSS vulnerability in the switch group function under the /ilang=DE&b=c smartenergy swgroups endpoint in the web portal allows an attacker to escalat...
CVE-2022-47767
A backdoor in Solar-Log Gateway products allows remote access via web panel gaining super administration privileges to the attacker. This affects Solar-Log devices that use firmware version v4.2.7 up to v5.1.1 included. This does not exist in SL 200, 500, 1000 / fixed in 4.2.8 for SL 250, 300,...
CVE-2022-47767
A backdoor in Solar-Log Gateway products allows remote access via web panel gaining super administration privileges to the attacker. This affects Solar-Log devices that use firmware version v4.2.7 up to v5.1.1 included. This does not exist in SL 200, 500, 1000 / fixed in 4.2.8 for SL 250, 300,...
Design/Logic Flaw
A backdoor in Solar-Log Gateway products allows remote access via web panel gaining super administration privileges to the attacker. This affects all Solar-Log devices that use firmware version v4.2.7 up to v5.1.1 included...
Solar Log Gateway 安全漏洞
Solar Log Gateway is a residential monitoring system from Solar Log. A security vulnerability exists in Solar Log Gateway firmware versions v4.2.7 through v5.1.1, which stems from a vulnerability in its web dashboard that allows a remote attacker to log in with super administrator privileges via ...
CVE-2022-47767
A backdoor in Solar-Log Gateway products allows remote access via web panel gaining super administration privileges to the attacker. This affects Solar-Log devices that use firmware version v4.2.7 up to v5.1.1 included. This does not exist in SL 200, 500, 1000 / fixed in 4.2.8 for SL 250, 300,...
CVE-2022-47767
The CVE-2022-47767 issue affects Solar-Log Gateway devices running firmware v4.2.7 through v5.1.1, where a backdoor in the web dashboard allows remote login with super administrator privileges. The vulnerability is rooted in the gateway’s web panel security, enabling unauthenticated remote access...
CVE-2022-47767
A backdoor in Solar-Log Gateway products allows remote access via web panel gaining super administration privileges to the attacker. This affects Solar-Log devices that use firmware version v4.2.7 up to v5.1.1 included. This does not exist in SL 200, 500, 1000 / fixed in 4.2.8 for SL 250, 300,...
PT-2023-15480 · Sl 1200 +5 · Sl 1200 +6
Name of the Vulnerable Software and Affected Versions: Solar-Log Gateway products versions v4.2.7 through v5.1.1 Description: A backdoor in Solar-Log Gateway products allows remote access via the web panel, gaining super administration privileges to the attacker. Recommendations: For Solar-Log...
CVE-2022-1277
Inavitas Solar Log product has an unauthenticated SQL Injection vulnerability...
CVE-2022-1277
Inavitas Solar Log product has an unauthenticated SQL Injection vulnerability...
CVE-2022-1277
Inavitas Solar Log product has an unauthenticated SQL Injection vulnerability...
Sql injection
Inavitas Solar Log product has an unauthenticated SQL Injection vulnerability...
CVE-2022-1277 SQL Injection in Inavitas Solar Log
Inavitas Solar Log product has an unauthenticated SQL Injection vulnerability...