Isolarcloud Security Vulnerabilities and Issues — Isolarcloud CVE List

Lucene search

SungrowpowerIsolarcloud

6 matches found

CVE•added 2025/02/26 9:15 p.m.•112 views

CVE-2024-50693

SunGrow iSolarCloud before the October 31, 2024 remediation is vulnerable to insecure direct object references (IDOR) via the userService API model.

9.1CVSS6.5AI score0.0005EPSS

CVE•added 2025/02/26 9:15 p.m.•96 views

CVE-2024-50686

SunGrow iSolarCloud before the October 31, 2024 remediation is vulnerable to insecure direct object references (IDOR) via the commonService API model.

9.1CVSS6.5AI score0.0005EPSS

CVE•added 2025/02/26 9:15 p.m.•93 views

CVE-2024-50689

SunGrow iSolarCloud before the October 31, 2024 remediation is vulnerable to insecure direct object references (IDOR) via the orgService API model.

9.1CVSS6.5AI score0.0005EPSS

CVE•added 2025/02/26 9:15 p.m.•91 views

CVE-2024-50685

SunGrow iSolarCloud before the October 31, 2024 remediation, is vulnerable to insecure direct object references (IDOR) via the powerStationService API model.

9.1CVSS6.5AI score0.0005EPSS

CVE•added 2025/02/26 9:15 p.m.•89 views

CVE-2024-50687

SunGrow iSolarCloud before the October 31, 2024 remediation is vulnerable to insecure direct object references (IDOR) via the devService API model.

9.1CVSS6.5AI score0.0005EPSS

CVE•added 2025/02/26 9:15 p.m.•47 views

CVE-2024-50688

SunGrow iSolarCloud Android application V2.1.6.20241017 and prior contains hardcoded credentials. The application (regardless of the user account) and the cloud uses the same MQTT credentials for exchanging the device telemetry.

9.8CVSS6.7AI score0.00073EPSS