283 matches found
CVE-2025-36743
SolarEdge SE3680H has an exposed debug/test interface accessible to unauthenticated actors, allowing disclosure of system internals and execution of debug commands...
CVE-2025-36743
CVE-2025-36743 concerns the SolarEdge SE3680H inverter, where an exposed debug/test interface is reachable by unauthenticated actors. Redundant exposure could lead to disclosure of internal system information and execution of debug commands, indicating a potential impact on confidentiality, integ...
CVE-2025-36743 SolarEdge SE3680H - Exposed Debug interface
SolarEdge SE3680H has an exposed debug/test interface accessible to unauthenticated actors, allowing disclosure of system internals and execution of debug commands...
CVE-2025-36743 SolarEdge SE3680H - Exposed Debug interface
SolarEdge SE3680H has an exposed debug/test interface accessible to unauthenticated actors, allowing disclosure of system internals and execution of debug commands...
SolarEdge SE3680H 安全漏洞
The SolarEdge SE3680H is a high-clearance wave inverter from SolarEdge, Israel. A security vulnerability exists in the SolarEdge SE3680H that originates from the exposure of an unauthenticated debug or test interface, which could lead to the disclosure of internal system information and the...
PT-2025-50934
SolarEdge SE3680H has an exposed debug/test interface accessible to unauthenticated actors, allowing disclosure of system internals and execution of debug commands...
PT-2025-50497
Name of the Vulnerable Software and Affected Versions ESP32 versions affected versions not specified Description The ESP32 system on a chip SoC used in the Meatmeet Pro has JTAG enabled. An attacker with physical access can connect to the device via the JTAG port and reflash the firmware with...
CVE-2024-32008
A vulnerability has been identified in Spectrum Power 4 All versions V4.70 SP12 Update 2. The affected application is vulnerable to a local privilege escalation due to an exposed debug interface on the localhost. This allows any local user to gain code execution as administrative application user...
CVE-2024-32008
A vulnerability has been identified in Spectrum Power 4 All versions V4.70 SP12 Update 2. The affected application is vulnerable to a local privilege escalation due to an exposed debug interface on the localhost. This allows any local user to gain code execution as administrative application user...
CVE-2024-32008
A vulnerability has been identified in Spectrum Power 4 All versions V4.70 SP12 Update 2. The affected application is vulnerable to a local privilege escalation due to an exposed debug interface on the localhost. This allows any local user to gain code execution as administrative application user...
EUVD-2024-29846
A vulnerability has been identified in Spectrum Power 4 All versions V4.70 SP12 Update 2. The affected application is vulnerable to a local privilege escalation due to an exposed debug interface on the localhost. This allows any local user to gain code execution as administrative application user...
CVE-2024-32008
Spectrum Power 4 (all versions
CVE-2024-32008
A vulnerability has been identified in Spectrum Power 4 All versions V4.70 SP12 Update 2. The affected application is vulnerable to a local privilege escalation due to an exposed debug interface on the localhost. This allows any local user to gain code execution as administrative application user...
CVE-2025-41731
A vulnerability was identified in the password generation algorithm when accessing the debug-interface. An unauthenticated local attacker with knowledge of the password generation timeframe might be able to brute force the password in a timely manner and thus gain root access to the device if the...
PT-2025-46533
Name of the Vulnerable Software and Affected Versions Spectrum Power versions prior to 4.70 SP12 Update 2 Description The application contains a flaw that allows local privilege escalation. An exposed debug interface on localhost enables any local user to gain code execution as an administrative...
CVE-2025-41731
A vulnerability was identified in the password generation algorithm when accessing the debug-interface. An unauthenticated local attacker with knowledge of the password generation timeframe might be able to brute force the password in a timely manner and thus gain root access to the device if the...
CVE-2025-41731 Jumo: Insufficient entropy in PRNG may lead to root access
A vulnerability was identified in the password generation algorithm when accessing the debug-interface. An unauthenticated local attacker with knowledge of the password generation timeframe might be able to brute force the password in a timely manner and thus gain root access to the device if the...
CVE-2025-41731 Jumo: Insufficient entropy in PRNG may lead to root access
A vulnerability was identified in the password generation algorithm when accessing the debug-interface. An unauthenticated local attacker with knowledge of the password generation timeframe might be able to brute force the password in a timely manner and thus gain root access to the device if the...
EUVD-2025-44036
A vulnerability was identified in the password generation algorithm when accessing the debug-interface. An unauthenticated local attacker with knowledge of the password generation timeframe might be able to brute force the password in a timely manner and thus gain root access to the device if the...
CVE-2025-41731
CVE-2025-41731 involves Jumo variTRON300 devices where the password for the debug interface is generated from a weak PRNG. An unauthenticated local attacker who knows the password-generation timeframe could brute-force the password in a timely manner and gain root access if the debug interface re...