Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sma sunny explorer - vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2017-9851
An issue exists in SMA Solar Technology products. By sending nonsense data or setting up a TELNET session to the database port of Sunny Explorer, the application can be crashed. NOTE: the vendor reports that the maximum possible damage is a communication failure. Also, only Sunny...
Sma Sunny Explorer -
7.5
CVSSv3
CVE-2017-9862
An issue exists in SMA Solar Technology products. When signed into Sunny Explorer with a wrong password, it is possible to create a debug report, disclosing information regarding the application and allowing the malicious user to create and save a .txt file with contents to his l...
Sma Sunny Explorer -
8.8
CVSSv3
CVE-2017-9863
An issue exists in SMA Solar Technology products. If a user simultaneously has Sunny Explorer running and visits a malicious host, cross-site request forgery can be used to change settings in the inverters (for example, issuing a POST request to change the user password). All Sun...
Sma Sunny Boy 3600 Firmware -
Sma Sunny Boy 5000 Firmware -
Sma Sunny Tripower Core1 Firmware -
Sma Sunny Tripower 15000tl Firmware -
Sma Sunny Tripower 20000tl Firmware -
Sma Sunny Tripower 25000tl Firmware -
Sma Sunny Tripower 5000tl Firmware -
Sma Sunny Tripower 12000tl Firmware -
Sma Sunny Tripower 60 Firmware -
Sma Sunny Boy 3000tl Firmware -
Sma Sunny Boy 3600tl Firmware -
Sma Sunny Boy 4000tl Firmware -
Sma Sunny Boy 5000tl Firmware -
Sma Sunny Boy 1.5 Firmware -
Sma Sunny Boy 2.5 Firmware -
Sma Sunny Boy 3.0 Firmware -
Sma Sunny Boy 3.6 Firmware -
Sma Sunny Boy 4.0 Firmware -
Sma Sunny Boy 5.0 Firmware -
Sma Sunny Central 2200 Firmware -
Sma Sunny Central 1000cp Xt Firmware -
Sma Sunny Central 800cp Xt Firmware -
9.8
CVSSv3
CVE-2017-9854
An issue exists in SMA Solar Technology products. By sniffing for specific packets on the localhost, plaintext passwords can be obtained as they are typed into Sunny Explorer by the user. These passwords can then be used to compromise the overall device. NOTE: the vendor reports ...
Sma Sunny Boy 3600 Firmware -
Sma Sunny Boy 5000 Firmware -
Sma Sunny Tripower Core1 Firmware -
Sma Sunny Tripower 15000tl Firmware -
Sma Sunny Tripower 20000tl Firmware -
Sma Sunny Tripower 25000tl Firmware -
Sma Sunny Tripower 5000tl Firmware -
Sma Sunny Tripower 12000tl Firmware -
Sma Sunny Tripower 60 Firmware -
Sma Sunny Boy 3000tl Firmware -
Sma Sunny Boy 3600tl Firmware -
Sma Sunny Boy 4000tl Firmware -
Sma Sunny Boy 5000tl Firmware -
Sma Sunny Boy 1.5 Firmware -
Sma Sunny Boy 2.5 Firmware -
Sma Sunny Boy 3.0 Firmware -
Sma Sunny Boy 3.6 Firmware -
Sma Sunny Boy 4.0 Firmware -
Sma Sunny Boy 5.0 Firmware -
Sma Sunny Central 2200 Firmware -
Sma Sunny Central 1000cp Xt Firmware -
Sma Sunny Central 800cp Xt Firmware -
9.8
CVSSv3
CVE-2017-9860
An issue exists in SMA Solar Technology products. An attacker can use Sunny Explorer or the SMAdata2+ network protocol to update the device firmware without ever having to authenticate. If an attacker is able to create a custom firmware version that is accepted by the inverter, t...
Sma Sunny Boy 3600 Firmware -
Sma Sunny Boy 5000 Firmware -
Sma Sunny Tripower Core1 Firmware -
Sma Sunny Tripower 15000tl Firmware -
Sma Sunny Tripower 20000tl Firmware -
Sma Sunny Tripower 25000tl Firmware -
Sma Sunny Tripower 5000tl Firmware -
Sma Sunny Tripower 12000tl Firmware -
Sma Sunny Tripower 60 Firmware -
Sma Sunny Boy 3000tl Firmware -
Sma Sunny Boy 3600tl Firmware -
Sma Sunny Boy 4000tl Firmware -
Sma Sunny Boy 5000tl Firmware -
Sma Sunny Boy 1.5 Firmware -
Sma Sunny Boy 2.5 Firmware -
Sma Sunny Boy 3.0 Firmware -
Sma Sunny Boy 3.6 Firmware -
Sma Sunny Boy 4.0 Firmware -
Sma Sunny Boy 5.0 Firmware -
Sma Sunny Central 2200 Firmware -
Sma Sunny Central 1000cp Xt Firmware -
Sma Sunny Central 800cp Xt Firmware -
8.1
CVSSv3
CVE-2017-9857
An issue exists in SMA Solar Technology products. The SMAdata2+ communication protocol does not properly use authentication with encryption: it is vulnerable to man in the middle, packet injection, and replay attacks. Any setting change, authentication packet, scouting packet, et...
Sma Sunny Boy 3600 Firmware -
Sma Sunny Boy 5000 Firmware -
Sma Sunny Tripower Core1 Firmware -
Sma Sunny Tripower 15000tl Firmware -
Sma Sunny Tripower 20000tl Firmware -
Sma Sunny Tripower 25000tl Firmware -
Sma Sunny Tripower 5000tl Firmware -
Sma Sunny Tripower 12000tl Firmware -
Sma Sunny Tripower 60 Firmware -
Sma Sunny Boy 3000tl Firmware -
Sma Sunny Boy 3600tl Firmware -
Sma Sunny Boy 4000tl Firmware -
Sma Sunny Boy 5000tl Firmware -
Sma Sunny Boy 1.5 Firmware -
Sma Sunny Boy 2.5 Firmware -
Sma Sunny Boy 3.0 Firmware -
Sma Sunny Boy 3.6 Firmware -
Sma Sunny Boy 4.0 Firmware -
Sma Sunny Boy 5.0 Firmware -
Sma Sunny Central 2200 Firmware -
Sma Sunny Central 1000cp Xt Firmware -
Sma Sunny Central 800cp Xt Firmware -
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started