8 matches found
CVE-2019-13529
An attacker could send a malicious link to an authenticated operator, which may allow remote attackers to perform actions with the permissions of the user on the Sunny WebBox Firmware Version 1.6 and prior. This device uses IP addresses to maintain communication after a successful login, which...
SMA Solar Technology Sunny WebBox Cross-Site Request Forgery (CVE-2019-13529)
A cross-site request forgery vulnerability exists in SMA Solar Technology Sunny WebBox. A remote attacker can exploit this vulnerability by enticing a target authenticated user to visit a specially crafted page...
SMA Solar Technology AG Sunny WebBox device - 1.6 - Cross-Site Request Forgery Vulnerability
Exploit for hardware platform in category web applications Exploit Title: SMA Solar Technology AG Sunny WebBox device - 1.6 - Cross-Site Request Forgery Exploit Author: Borja Merino and Eduardo Villaverde Vendor Homepage: https://www.sma.de Version: Firmware Version 1.6 and prior Tested on: Sunny...
SMA Solar Technology AG Sunny WebBox 1.6 Cross Site Request Forgery
Exploit Title: SMA Solar Technology AG Sunny WebBox device - 1.6 - Cross-Site Request Forgery Date: 2019-10-08 Exploit Author: Borja Merino and Eduardo Villaverde Vendor Homepage: https://www.sma.de Version: Firmware Version 1.6 and prior Tested on: Sunny WebBox SMA Solar Device Firmware Version...
SMA Solar Technology AG Sunny WebBox device - 1.6 - Cross-Site Request Forgery
SMA Solar Technology AG Sunny WebBox device - 1.6 - Cross-Site Request Forgery Exploit Title: SMA Solar Technology AG Sunny WebBox device - 1.6 - Cross-Site Request Forgery Date: 2019-10-08 Exploit Author: Borja Merino and Eduardo Villaverde Vendor Homepage: https://www.sma.de Version: Firmware...
SMA Solar Technology AG Sunny WebBox device - 1.6 - Cross-Site Request Forgery
Exploit Title: SMA Solar Technology AG Sunny WebBox device - 1.6 - Cross-Site Request Forgery Date: 2019-10-08 Exploit Author: Borja Merino and Eduardo Villaverde Vendor Homepage: https://www.sma.de Version: Firmware Version 1.6 and prior Tested on: Sunny WebBox SMA Solar Device Firmware Version...
CVE-2019-13529
CVE-2019-13529 affects SMA Solar Technology Sunny WebBox (Firmware 1.6 and prior). The vulnerability is Cross-Site Request Forgery (CSRF) where an attacker entices an authenticated operator to click a malicious link, enabling actions with the user’s permissions. Affected devices use IP-based comm...
SMA Solar Technology AG Sunny WebBox
1. EXECUTIVE SUMMARY CVSS v3 9.6 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: SMA Solar Technology AG Equipment: Sunny WebBox Vulnerability: Cross-Site Request Forgery 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to generate a...