20 matches found
EUVD-2019-4984
Malware in sbrugna...
EUVD-2024-17613
Malicious code in bioql PyPI...
CVE-2019-13529
An attacker could send a malicious link to an authenticated operator, which may allow remote attackers to perform actions with the permissions of the user on the Sunny WebBox Firmware Version 1.6 and prior. This device uses IP addresses to maintain communication after a successful login, which...
CVE-2024-1890
Vulnerability whereby an attacker could send a malicious link to an authenticated operator, which could allow remote attackers to perform a clickjacking attack on Sunny WebBox firmware version 1.6.1 and earlier...
CVE-2024-1890 Clickjacking vulnerability in Sunny Webbox
Vulnerability whereby an attacker could send a malicious link to an authenticated operator, which could allow remote attackers to perform a clickjacking attack on Sunny WebBox firmware version 1.6.1 and earlier...
CVE-2024-1890 Clickjacking vulnerability in Sunny Webbox
Vulnerability whereby an attacker could send a malicious link to an authenticated operator, which could allow remote attackers to perform a clickjacking attack on Sunny WebBox firmware version 1.6.1 and earlier...
CVE-2024-1890
CVE-2024-1890 affects Sunny WebBox firmware 1.6.1 and earlier. Affected component is the WebBox UI vulnerable to clickjacking when an authenticated operator is served a malicious link, enabling potential UI interaction manipulation. Public sources (NVD/NVD-derived entries) describe the issue and ...
SMA Solar Technology AG Sunny WebBox Security Breach
Sma Solar Technology AG SMA Solar Technology AG Sunny WebBox is a device for recording, storing, displaying and transmitting solar system data from Sma Solar Technology AG, Germany. A security vulnerability exists in the SMA Solar Technology AG Sunny WebBox version 1.6.1 and earlier versions. An...
SMA Solar Technology AG Sunny WebBox device - 1.6 - Cross-Site Request Forgery
SMA Solar Technology AG Sunny WebBox device - 1.6 - Cross-Site Request Forgery Exploit Title: SMA Solar Technology AG Sunny WebBox device - 1.6 - Cross-Site Request Forgery Date: 2019-10-08 Exploit Author: Borja Merino and Eduardo Villaverde Vendor Homepage: https://www.sma.de Version: Firmware...
SMA Solar Technology AG Sunny WebBox 1.6 Cross Site Request Forgery
Exploit Title: SMA Solar Technology AG Sunny WebBox device - 1.6 - Cross-Site Request Forgery Date: 2019-10-08 Exploit Author: Borja Merino and Eduardo Villaverde Vendor Homepage: https://www.sma.de Version: Firmware Version 1.6 and prior Tested on: Sunny WebBox SMA Solar Device Firmware Version...
CVE-2019-13529
An attacker could send a malicious link to an authenticated operator, which may allow remote attackers to perform actions with the permissions of the user on the Sunny WebBox Firmware Version 1.6 and prior. This device uses IP addresses to maintain communication after a successful login, which...
Code injection
An attacker could send a malicious link to an authenticated operator, which may allow remote attackers to perform actions with the permissions of the user on the Sunny WebBox Firmware Version 1.6 and prior. This device uses IP addresses to maintain communication after a successful login, which...
CVE-2019-13529
CVE-2019-13529 affects SMA Solar Technology Sunny WebBox (Firmware 1.6 and prior). The vulnerability is Cross-Site Request Forgery (CSRF) where an attacker entices an authenticated operator to click a malicious link, enabling actions with the user’s permissions. Affected devices use IP-based comm...
CVE-2019-13529
An attacker could send a malicious link to an authenticated operator, which may allow remote attackers to perform actions with the permissions of the user on the Sunny WebBox Firmware Version 1.6 and prior. This device uses IP addresses to maintain communication after a successful login, which...
SMA Solar Technology AG Sunny WebBox
1. EXECUTIVE SUMMARY CVSS v3 9.6 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: SMA Solar Technology AG Equipment: Sunny WebBox Vulnerability: Cross-Site Request Forgery 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to generate a...
Sunny WebBox Detection (HTTP)
Detects the installed version of SMA Solar Technology AG Sunny WebBox. This script check the presence of SMA Solar Technology AG Sunny WebBox from the banner. Copyright C 2016 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...
Sunny WebBox Hardcoded Credentials (HTTP)
Sunny WebBox is using known hardcoded credentials. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
SMA Solar Sunny WebBox Privilege Gain Vulnerability
The SMA Solar Sunny WebBox is a device from SMA Germany for remote monitoring and maintenance of medium and large PV plants. A security vulnerability exists in the SMA Solar Sunny WebBox, which can be exploited by remote attackers to gain access...
Hardcoded credentials
SMA Solar Sunny WebBox has hardcoded passwords, which makes it easier for remote attackers to obtain access via unspecified vectors...
SMA Solar Technology AG Sunny WebBox Hard-Coded Account Vulnerability
OVERVIEW This updated advisory is a follow-up to the advisory titled ICSA-15-181-02 SMA Solar Technology AG Sunny WebBox Hard-Coded Account Vulnerability that was published September 3, 2015, on the NCCIC/ICS-CERT web site. Aleksandr Timorin of PT Security has identified a hard-coded account...