Growatt ShineLan-X 安全漏洞

Growatt ShineLan-X is a data logger for a photovoltaic PV inverter from Growatt, a Chinese company. A security vulnerability exists in Growatt ShineLan-X that stems from a lack of encryption in the configuration interface, which could lead to interception and manipulation of communication request...

Growatt ShineLan-X 安全漏洞

Growatt ShineLan-X is a data logger for PV inverters from Growatt, a Chinese company. A security vulnerability exists in the Growatt ShineLan-X that stems from the inclusion of FTP server credentials in the firmware, which could lead to the replacement of legitimate files with malicious versions...

Growatt ShineLan-X 安全漏洞

Growatt ShineLan-X is a data logger for photovoltaic inverters from Growatt China. A security vulnerability exists in Growatt ShineLan-X that stems from a stored cross-site scripting vulnerability in the Plant Name field that could lead to the execution of malicious code...

Growatt ShineLan-X 安全漏洞

Growatt ShineLan-X is a data logger for a photovoltaic inverter from Growatt China. A security vulnerability exists in Growatt ShineLan-X that stems from a stored cross-site scripting vulnerability in the locally configured web server that could lead to the execution of malicious code...

Growatt ShineLan-X 安全漏洞

Growatt ShineLan-X is a data logger for PV inverters from Growatt China. A security vulnerability exists in Growatt ShineLan-X, which stems from the SWD debugging interface enabled by default and could lead to the extraction of device secrets or domains...

METZ CONNECT多款产品 访问控制错误漏洞

METZ CONNECT Energy-Controlling EWIO2-M and others are products of METZ CONNECT, Germany.METZ CONNECT Energy-Controlling EWIO2-M is a high performance data logger.METZ CONNECT Energy- Controlling EWIO2-M-BM is a high performance data logger.METZ CONNECT Ethernet-IO EWIO2-BM is a sensor and actuat...

EUVD-2023-31164

Malicious code in bioql PyPI...

EUVD-2023-26784

Malicious code in bioql PyPI...

EUVD-2023-27645

Malicious code in bioql PyPI...

EUVD-2023-31163

Malicious code in bioql PyPI...

Tigo Energy Cloud Connect Advanced 安全漏洞

Tigo Energy Cloud Connect Advanced is a compact data logger from Tigo Energy USA. A security vulnerability exists in Tigo Energy Cloud Connect Advanced that stems from insecure session ID generation that could lead to unauthorized access...

CVE-2023-27388

Improper authentication vulnerability in T Corporation and ESPEC MIC CORP. data logger products allows a remote unauthenticated attacker to login to the product as a registered user. Affected products and versions are as follows: T Corporation data logger products TR-71W/72W all firmware versions...

Panasonic KW Watcher 安全漏洞

Panasonic KW Watcher is an application software from Panasonic Corporation Japan. It allows you to monitor the log files downloaded from the network data logger from your PC. A security vulnerability exists in Panasonic KW Watcher versions 1.00 through 2.83, which originated from a vulnerability...

CVE-2023-27387

Cross-site request forgery CSRF in T&D Corporation and ESPEC MIC CORP. data logger products allows a remote unauthenticated attacker to conduct an arbitrary operation by having a logged-in user view a malicious page. Affected products and versions are as follows: T&D Corporation data logger...

CVE-2023-22654

Client-side enforcement of server-side security issue exists in T&D Corporation and ESPEC MIC CORP. data logger products, which may lead to an arbitrary script execution on a logged-in user's web browser. Affected products and versions are as follows: T&D Corporation data logger products TR-71W/7...

CVE-2023-23545

Missing authentication for critical function exists in T&D Corporation and ESPEC MIC CORP. data logger products, which may allow a remote unauthenticated attacker to alter the product settings without authentication. Affected products and versions are as follows: T&D Corporation data logger...

CVE-2023-27387

Cross-site request forgery CSRF in T&D Corporation and ESPEC MIC CORP. data logger products allows a remote unauthenticated attacker to conduct an arbitrary operation by having a logged-in user view a malicious page. Affected products and versions are as follows: T&D Corporation data logger...

CVE-2023-27388

Improper authentication vulnerability in T&D Corporation and ESPEC MIC CORP. data logger products allows a remote unauthenticated attacker to login to the product as a registered user. Affected products and versions are as follows: T&D Corporation data logger products TR-71W/72W all firmware...

Authentication flaw

Missing authentication for critical function exists in T&D Corporation and ESPEC MIC CORP. data logger products, which may allow a remote unauthenticated attacker to alter the product settings without authentication. Affected products and versions are as follows: T&D Corporation data logger...

Cross site request forgery (csrf)

Cross-site request forgery CSRF in T&D Corporation and ESPEC MIC CORP. data logger products allows a remote unauthenticated attacker to conduct an arbitrary operation by having a logged-in user view a malicious page. Affected products and versions are as follows: T&D Corporation data logger...