28 matches found
EUVD-2019-4984
Malware in sbrugna...
EUVD-2024-17613
Malicious code in bioql PyPI...
CVE-2019-13529
An attacker could send a malicious link to an authenticated operator, which may allow remote attackers to perform actions with the permissions of the user on the Sunny WebBox Firmware Version 1.6 and prior. This device uses IP addresses to maintain communication after a successful login, which...
CVE-2024-1890
Vulnerability whereby an attacker could send a malicious link to an authenticated operator, which could allow remote attackers to perform a clickjacking attack on Sunny WebBox firmware version 1.6.1 and earlier...
CVE-2024-1890
Vulnerability whereby an attacker could send a malicious link to an authenticated operator, which could allow remote attackers to perform a clickjacking attack on Sunny WebBox firmware version 1.6.1 and earlier...
CVE-2024-1890 Clickjacking vulnerability in Sunny Webbox
Vulnerability whereby an attacker could send a malicious link to an authenticated operator, which could allow remote attackers to perform a clickjacking attack on Sunny WebBox firmware version 1.6.1 and earlier...
CVE-2024-1890
CVE-2024-1890 affects Sunny WebBox firmware 1.6.1 and earlier. Affected component is the WebBox UI vulnerable to clickjacking when an authenticated operator is served a malicious link, enabling potential UI interaction manipulation. Public sources (NVD/NVD-derived entries) describe the issue and ...
CVE-2024-1890 Clickjacking vulnerability in Sunny Webbox
Vulnerability whereby an attacker could send a malicious link to an authenticated operator, which could allow remote attackers to perform a clickjacking attack on Sunny WebBox firmware version 1.6.1 and earlier...
SMA Solar Technology AG Sunny WebBox Security Breach
Sma Solar Technology AG SMA Solar Technology AG Sunny WebBox is a device for recording, storing, displaying and transmitting solar system data from Sma Solar Technology AG, Germany. A security vulnerability exists in the SMA Solar Technology AG Sunny WebBox version 1.6.1 and earlier versions. An...
SMA Solar Technology Sunny WebBox Cross-Site Request Forgery (CVE-2019-13529)
A cross-site request forgery vulnerability exists in SMA Solar Technology Sunny WebBox. A remote attacker can exploit this vulnerability by enticing a target authenticated user to visit a specially crafted page...
The vulnerability of the microprogramming software in the remote control system for solar panels, SMA Solar Sunny WebBox, related to the manipulation of inter-site requests, allows a intruder to increase their privileges.
The vulnerability of the microprogramming software in the SMA Solar Sunny WebBox remote control system is related to the manipulation of inter-site requests. Exploiting this vulnerability allows a malicious actor to enhance their privileges by using a specially created malicious link...
SMA Solar Technology AG Sunny WebBox device - 1.6 - Cross-Site Request Forgery Vulnerability
Exploit for hardware platform in category web applications Exploit Title: SMA Solar Technology AG Sunny WebBox device - 1.6 - Cross-Site Request Forgery Exploit Author: Borja Merino and Eduardo Villaverde Vendor Homepage: https://www.sma.de Version: Firmware Version 1.6 and prior Tested on: Sunny...
SMA Solar Technology AG Sunny WebBox device - 1.6 - Cross-Site Request Forgery
SMA Solar Technology AG Sunny WebBox device - 1.6 - Cross-Site Request Forgery Exploit Title: SMA Solar Technology AG Sunny WebBox device - 1.6 - Cross-Site Request Forgery Date: 2019-10-08 Exploit Author: Borja Merino and Eduardo Villaverde Vendor Homepage: https://www.sma.de Version: Firmware...
SMA Solar Technology AG Sunny WebBox 1.6 Cross Site Request Forgery
Exploit Title: SMA Solar Technology AG Sunny WebBox device - 1.6 - Cross-Site Request Forgery Date: 2019-10-08 Exploit Author: Borja Merino and Eduardo Villaverde Vendor Homepage: https://www.sma.de Version: Firmware Version 1.6 and prior Tested on: Sunny WebBox SMA Solar Device Firmware Version...
SMA Solar Technology AG Sunny WebBox device - 1.6 - Cross-Site Request Forgery
Exploit Title: SMA Solar Technology AG Sunny WebBox device - 1.6 - Cross-Site Request Forgery Date: 2019-10-08 Exploit Author: Borja Merino and Eduardo Villaverde Vendor Homepage: https://www.sma.de Version: Firmware Version 1.6 and prior Tested on: Sunny WebBox SMA Solar Device Firmware Version...
CVE-2019-13529
An attacker could send a malicious link to an authenticated operator, which may allow remote attackers to perform actions with the permissions of the user on the Sunny WebBox Firmware Version 1.6 and prior. This device uses IP addresses to maintain communication after a successful login, which...
Code injection
An attacker could send a malicious link to an authenticated operator, which may allow remote attackers to perform actions with the permissions of the user on the Sunny WebBox Firmware Version 1.6 and prior. This device uses IP addresses to maintain communication after a successful login, which...
CVE-2019-13529
An attacker could send a malicious link to an authenticated operator, which may allow remote attackers to perform actions with the permissions of the user on the Sunny WebBox Firmware Version 1.6 and prior. This device uses IP addresses to maintain communication after a successful login, which...
CVE-2019-13529
CVE-2019-13529 affects SMA Solar Technology Sunny WebBox (Firmware 1.6 and prior). The vulnerability is Cross-Site Request Forgery (CSRF) where an attacker entices an authenticated operator to click a malicious link, enabling actions with the user’s permissions. Affected devices use IP-based comm...
SMA Solar Technology AG Sunny WebBox
1. EXECUTIVE SUMMARY CVSS v3 9.6 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: SMA Solar Technology AG Equipment: Sunny WebBox Vulnerability: Cross-Site Request Forgery 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to generate a...