EUVD-2025-5292

Malicious code in bioql PyPI...

CVE-2024-50695

SunGrow WiNet-SV200.001.00.P027 and earlier versions is vulnerable to stack-based buffer overflow when parsing MQTT messages, due to missing MQTT topic bounds checks...

CVE-2024-50690

SunGrow WiNet-SV200.001.00.P027 and earlier versions contains a hardcoded password that can be used to decrypt all firmware updates...

CVE-2024-50694

In SunGrow WiNet-SV200.001.00.P027 and earlier versions, when copying the timestamp read from an MQTT message, the underlying code does not check the bounds of the buffer that is used to store the message. This may lead to a stack-based buffer overflow...

CVE-2024-50698

SunGrow WiNet-SV200.001.00.P027 and earlier versions is vulnerable to heap-based buffer overflow due to bounds checks of the MQTT message content...

CVE-2024-50697

In SunGrow WiNet-SV200.001.00.P027 and earlier versions, when decrypting MQTT messages, the code that parses specific TLV fields does not have sufficient bounds checks. This may result in a stack-based buffer overflow...

CVE-2024-50696

SunGrow WiNet-S V200.001.00.P025 and earlier versions is missing integrity checks for firmware upgrades. Sending a specific MQTT message allows an update to an inverter or a WiNet connectivity dongle with a bogus firmware file that is located on attacker-controlled server...

CVE-2024-50696

SunGrow WiNet-S V200.001.00.P025 and earlier versions is missing integrity checks for firmware upgrades. Sending a specific MQTT message allows an update to an inverter or a WiNet connectivity dongle with a bogus firmware file that is located on attacker-controlled server...

CVE-2024-50696

SunGrow WiNet-S V200.001.00.P025 and earlier versions is missing integrity checks for firmware upgrades. Sending a specific MQTT message allows an update to an inverter or a WiNet connectivity dongle with a bogus firmware file that is located on attacker-controlled server...

CVE-2024-50696

SunGrow WiNet-S firmware upgrade process lacks integrity checking for updates in V200.001.00.P025 and earlier. A crafted MQTT message can trigger installation of a bogus firmware file hosted on an attacker-controlled server, potentially compromising an inverter or WiNet connectivity dongle. Affec...

SunGrow WiNet-S 安全漏洞

The SunGrow WiNet-S is a LAN communication module from China's SunGrow Power SunGrow. A security vulnerability exists in SunGrow WiNet-S version V200.001.00.P025 and prior versions, which stems from a firmware upgrade that lacks integrity checking...

CVE-2024-50696

SunGrow WiNet-S V200.001.00.P025 and earlier versions is missing integrity checks for firmware upgrades. Sending a specific MQTT message allows an update to an inverter or a WiNet connectivity dongle with a bogus firmware file that is located on attacker-controlled server...

CVE-2024-50696

SunGrow WiNet-S V200.001.00.P025 and earlier versions is missing integrity checks for firmware upgrades. Sending a specific MQTT message allows an update to an inverter or a WiNet connectivity dongle with a bogus firmware file that is located on attacker-controlled server...

SunGrow WiNet-S stack buffer overflow vulnerability (CNVD-2025-03255)

SunGrow WiNet-S is a LAN communication module from SunGrow, China. The SunGrow WiNet-S suffers from a stack buffer overflow vulnerability that can be exploited by an attacker to execute arbitrary code on the system or cause a denial of service...

SunGrow WiNet-S Storage Message Stack Buffer Overflow Vulnerability

SunGrow WiNet-S is a LAN communication module from SunGrow, China. A stack buffer overflow vulnerability exists in SunGrow WiNet-S stored messages. The vulnerability stems from the base code not checking the bounds of the buffer used to store messages when replicating timestamped reads of MQTT...

Unspecified Vulnerability in SunGrow WiNet-S

SunGrow WiNet-S is a LAN communication module from SunGrow, China. A security vulnerability exists in SunGrow WiNet-S version V200.001.00.P027 and prior versions, which can be exploited by an attacker to decrypt all firmware updates...

SunGrow WiNet-S Stack Buffer Overflow Vulnerability

SunGrow WiNet-S is a LAN communication module from SunGrow, China. The SunGrow WiNet-S suffers from a stack buffer overflow vulnerability that can be exploited by an attacker to execute arbitrary code on the system or cause a denial of service...

SunGrow WiNet-S TLV Field Stack Buffer Overflow Vulnerability

SunGrow WiNet-S is a LAN communication module from SunGrow, China. A stack buffer overflow vulnerability exists in the SunGrow WiNet-S TLV field that originates from code that does not have sufficient boundary checks when parsing a specific TLV field. An attacker could exploit this vulnerability ...

SunGrow WiNet-S Trust Management Issues Vulnerability

SunGrow WiNet-S is a LAN communication module from SunGrow, China. A trust management issue vulnerability exists in SunGrow WiNet-S version V200.001.00.P027 and prior versions, which stems from the use of hard-coded MQTT credentials. An attacker could use this vulnerability to send arbitrary...

CVE-2024-50694

In SunGrow WiNet-SV200.001.00.P027 and earlier versions, when copying the timestamp read from an MQTT message, the underlying code does not check the bounds of the buffer that is used to store the message. This may lead to a stack-based buffer overflow...