138 matches found
EUVD-2025-5283
Malicious code in bioql PyPI...
EUVD-2025-5291
Malicious code in bioql PyPI...
EUVD-2025-5285
Malicious code in bioql PyPI...
EUVD-2025-14252
Malicious code in bioql PyPI...
EUVD-2024-44594
Malicious code in bioql PyPI...
EUVD-2025-5290
Malicious code in bioql PyPI...
EUVD-2025-5292
Malicious code in bioql PyPI...
EUVD-2025-5284
Malicious code in bioql PyPI...
EUVD-2025-5288
Malicious code in bioql PyPI...
EUVD-2025-5289
Malicious code in bioql PyPI...
EUVD-2025-5293
Malicious code in bioql PyPI...
CVE-2025-29756
SunGrow's back end users system iSolarCloud https://isolarcloud.com uses an MQTT service to transport data from the user's connected devices to the user's web browser. The MQTT server however did not have sufficient restrictions in place to limit the topics that a user could subscribe to. While t...
CVE-2025-29756 MQTT implementation in Sungrow iSolarCloud allowed users to subscribe to all data of all connected inverters
SunGrow's back end users system iSolarCloud https://isolarcloud.com uses an MQTT service to transport data from the user's connected devices to the user's web browser. The MQTT server however did not have sufficient restrictions in place to limit the topics that a user could subscribe to. While...
CVE-2025-29756 MQTT implementation in Sungrow iSolarCloud allowed users to subscribe to all data of all connected inverters
SunGrow's back end users system iSolarCloud https://isolarcloud.com uses an MQTT service to transport data from the user's connected devices to the user's web browser. The MQTT server however did not have sufficient restrictions in place to limit the topics that a user could subscribe to. While...
CVE-2025-29756
The CVE-2025-29756 entry describes a vulnerability in SunGrow iSolarCloud’s MQTT service used by the backend for device data transport. The MQTT broker reportedly lacks sufficient topic-subscription restrictions, enabling a user with an iSolarCloud account to subscribe to any topic (notably the a...
PT-2025-25185 · Sungrow · Isolarcloud
Name of the Vulnerable Software and Affected Versions: SunGrow's back end users system iSolarCloud affected versions not specified Description: The issue concerns the MQTT service used by iSolarCloud to transport data from connected devices to the user's web browser. The MQTT server lacks...
Sungrow iSolarCloud 安全漏洞
Sungrow iSolarCloud Sunshine Cloud is a software for monitoring and managing PV power plants from China's Sunny Power Sungrow. A security vulnerability exists in Sungrow iSolarCloud, which stems from an under-restricted MQTT service that could result in subscribing to arbitrary topics and...
CVE-2024-50695
SunGrow WiNet-SV200.001.00.P027 and earlier versions is vulnerable to stack-based buffer overflow when parsing MQTT messages, due to missing MQTT topic bounds checks...
CVE-2024-50690
SunGrow WiNet-SV200.001.00.P027 and earlier versions contains a hardcoded password that can be used to decrypt all firmware updates...
CVE-2024-50694
In SunGrow WiNet-SV200.001.00.P027 and earlier versions, when copying the timestamp read from an MQTT message, the underlying code does not check the bounds of the buffer that is used to store the message. This may lead to a stack-based buffer overflow...