Lucene search
K

138 matches found

Vulnrichment
Vulnrichment
added 2025/02/26 12:0 a.m.12 views

CVE-2024-50691

SunGrow iSolarCloud Android app V2.1.6.20241104 and prior suffers from Missing SSL Certificate Validation. The app explicitly ignores certificate errors and is vulnerable to MiTM attacks. Attackers can impersonate the iSolarCloud server and communicate with the Android app...

7.3AI score0.00219EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/02/26 12:0 a.m.12 views

CVE-2024-50689

SunGrow iSolarCloud before the October 31, 2024 remediation is vulnerable to insecure direct object references IDOR via the orgService API model...

9.2AI score0.00454EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/02/26 12:0 a.m.14 views

CVE-2024-50693

SunGrow iSolarCloud before the October 31, 2024 remediation is vulnerable to insecure direct object references IDOR via the userService API model...

9.2AI score0.0047EPSS
Exploits0References1
CVE
CVE
added 2025/02/26 12:0 a.m.104 views

CVE-2024-50689

SunGrow iSolarCloud vulnerability (CVE-2024-50689) affects the Android app and cloud API. The issue is insecure direct object references (IDOR) via the orgService API model, potentially allowing unauthorized access to user data and modification of identifying data values. The CVE entry notes reme...

9.1CVSS6.5AI score0.00454EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2025/02/26 12:0 a.m.102 views

CVE-2024-50685

SunGrow iSolarCloud is vulnerable to insecure direct object references (IDOR) in the powerStationService API model, affecting the iSolarCloud Android app and related cloud services. The root cause is IDOR flaws that could allow unauthorized access to user data and potentially modify key identifyi...

9.1CVSS6.5AI score0.00454EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2025/02/26 12:0 a.m.12 views

SunGrow WiNet-S 安全漏洞

The SunGrow WiNet-S is a LAN communication module from China's SunGrow Power SunGrow. A security vulnerability exists in SunGrow WiNet-S version V200.001.00.P025 and prior versions, which stems from a firmware upgrade that lacks integrity checking...

7.5CVSS6.8AI score0.00208EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/02/26 12:0 a.m.26 views

CVE-2024-50691

SunGrow iSolarCloud Android app V2.1.6.20241104 and prior suffers from Missing SSL Certificate Validation. The app explicitly ignores certificate errors and is vulnerable to MiTM attacks. Attackers can impersonate the iSolarCloud server and communicate with the Android app...

0.00219EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/02/26 12:0 a.m.6 views

SunGrow iSolarCloud 安全漏洞

SunGrow iSolarCloud is an Android app for new energy power plant management from China SunGrow SunGrow. It is used for power plant data collection, monitoring, operation and maintenance and operation management. A security vulnerability exists in SunGrow iSolarCloud version V2.1.6.20241017 and...

9.8CVSS6.7AI score0.00474EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/02/26 12:0 a.m.6 views

SunGrow iSolarCloud 安全漏洞

SunGrow iSolarCloud is an Android app for new energy power plant management from China SunGrow SunGrow. It is used for power plant data collection, monitoring, operation and maintenance and operation management. A security vulnerability exists in SunGrow iSolarCloud, which stems from an insecure...

9.1CVSS6.7AI score0.00454EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/02/26 12:0 a.m.16 views

CVE-2024-50687

SunGrow iSolarCloud before the October 31, 2024 remediation is vulnerable to insecure direct object references IDOR via the devService API model...

0.0041EPSS
Exploits0References1
CVE
CVE
added 2025/02/26 12:0 a.m.108 views

CVE-2024-50687

CVE-2024-50687 (SunGrow iSolarCloud) : The SunGrow iSolarCloud ecosystem (Android app and cloud) is vulnerable to multiple insecure direct object references (IDOR) via the devService API model, with related exposure noted for powerStationService, userService, orgService, and commonService APIs. T...

9.1CVSS6.5AI score0.0041EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2025/02/26 12:0 a.m.8 views

SunGrow iSolarCloud 安全漏洞

SunGrow iSolarCloud is an Android app for new energy power plant management from China SunGrow SunGrow. It is used for power plant data collection, monitoring, operation and maintenance and operation management. A security vulnerability exists in SunGrow iSolarCloud, which stems from an insecure...

9.1CVSS6.7AI score0.00454EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/02/26 12:0 a.m.15 views

CVE-2024-50693

SunGrow iSolarCloud before the October 31, 2024 remediation is vulnerable to insecure direct object references IDOR via the userService API model...

0.0047EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/02/26 12:0 a.m.13 views

CVE-2024-50685

SunGrow iSolarCloud before the October 31, 2024 remediation, is vulnerable to insecure direct object references IDOR via the powerStationService API model...

9.2AI score0.00454EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/02/26 12:0 a.m.15 views

CVE-2024-50686

SunGrow iSolarCloud before the October 31, 2024 remediation is vulnerable to insecure direct object references IDOR via the commonService API model...

0.00454EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/02/26 12:0 a.m.11 views

CVE-2024-50686

SunGrow iSolarCloud before the October 31, 2024 remediation is vulnerable to insecure direct object references IDOR via the commonService API model...

9.2AI score0.00454EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/02/26 12:0 a.m.6 views

SunGrow iSolarCloud 安全漏洞

SunGrow iSolarCloud is an Android app for new energy power plant management from China SunGrow SunGrow. It is used for power plant data collection, monitoring, operation and maintenance and operation management. A security vulnerability exists in SunGrow iSolarCloud, which stems from an insecure...

9.1CVSS6.7AI score0.00454EPSS
Exploits0References3
CVE
CVE
added 2025/02/26 12:0 a.m.67 views

CVE-2024-50696

SunGrow WiNet-S firmware upgrade process lacks integrity checking for updates in V200.001.00.P025 and earlier. A crafted MQTT message can trigger installation of a bogus firmware file hosted on an attacker-controlled server, potentially compromising an inverter or WiNet connectivity dongle. Affec...

7.5CVSS6.7AI score0.00208EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/02/26 12:0 a.m.12 views

CVE-2024-50687

SunGrow iSolarCloud before the October 31, 2024 remediation is vulnerable to insecure direct object references IDOR via the devService API model...

9.2AI score0.0041EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/02/26 12:0 a.m.6 views

SunGrow iSolarCloud 安全漏洞

SunGrow iSolarCloud is an Android app for new energy power plant management from China SunGrow SunGrow. It is used for power plant data collection, monitoring, operation and maintenance and operation management. A security vulnerability exists in SunGrow iSolarCloud, which stems from an insecure...

9.1CVSS6.7AI score0.0041EPSS
Exploits0References3
Rows per page
Query Builder