Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
solar vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-0591
The crypt_gensalt functions for BSDI-style extended DES-based and FreeBSD-sytle MD5-based password hashes in crypt_blowfish 0.4.7 and previous versions do not evenly and randomly distribute salts, which makes it easier for malicious users to guess passwords from a stolen password...
Solar Designer Crypt Blowfish 0.4.7
5.4
CVSSv3
CVE-2023-46344
A vulnerability in Solar-Log Base 15 Firmware 6.0.1 Build 161, and possibly other Solar-Log Base products, allows an malicious user to escalate their privileges by exploiting a stored cross-site scripting (XSS) vulnerability in the switch group function under /#ilang=DE&b=c_s...
Solar-log 2000 Pm\\+ Firmware 15.10.2019
8.8
CVSSv3
CVE-2020-9306
Tesla SolarCity Solar Monitoring Gateway up to and including 5.46.43 has a "Use of Hard-coded Credentials" issue because Digi ConnectPort X2e uses a .pyc file to store the cleartext password for the python user account.
Tesla Solarcity Solar Monitoring Gateway
7.5
CVSSv3
CVE-2018-12735
SAJ Solar Inverter allows remote malicious users to obtain potentially sensitive information via a direct request for the inverter_info.htm or english_main.htm URI.
Saj-electric Saj Solar Inverter -
NA
CVE-2015-3964
SMA Solar Sunny WebBox has hardcoded passwords, which makes it easier for remote malicious users to obtain access via unspecified vectors.
Sma Solar Technology Ag Webbox Firmware -
8.8
CVSSv3
CVE-2017-6048
A Command Injection issue exists in Satel Iberia SenNet Data Logger and Electricity Meters: SenNet Optimal DataLogger V5.37c-1.43c and prior, SenNet Solar Datalogger V5.03-1.56a and prior, and SenNet Multitask Meter V5.21a-1.18b and prior. Successful exploitation of this vulnerab...
Satel-iberia Sennet Solar Datalogger
Satel-iberia Sennet Multitask Meter
Satel-iberia Sennet Optimal Datalogger
9.8
CVSSv3
CVE-2019-19228
Fronius Solar Inverter devices prior to 3.14.1 (HM 1.12.1) allow malicious users to bypass authentication because the password for the today account is stored in the /tmp/web_users.conf file.
Fronius Datamanager Box 2.0 Firmware
Fronius Eco 25.0-3-s Firmware
Fronius Eco 27.0-3-s Firmware
Fronius Galvo 1.5-1 Firmware
Fronius Galvo 1.5-1 208-240 Firmware
Fronius Galvo 2.0-1 Firmware
Fronius Galvo 2.0-1 208-240 Firmware
Fronius Galvo 2.5-1 Firmware
Fronius Galvo 2.5-1 208-240 Firmware
Fronius Galvo 3.0-1 Firmware
Fronius Galvo 3.1-1 Firmware
Fronius Galvo 3.1-1 208-240 Firmware
Fronius Primo 10.0-1 208-240 Firmware
Fronius Primo 11.4-1 208-240 Firmware
Fronius Primo 12.5-1 208-240 Firmware
Fronius Primo 15.0-1 208-240 Firmware
Fronius Primo 3.0-1 Firmware
Fronius Primo 3.5-1 Firmware
Fronius Primo 3.6-1 Firmware
Fronius Primo 3.8-1 208-240 Firmware
Fronius Primo 4.0-1 Firmware
Fronius Primo 4.6-1 Firmware
6.5
CVSSv3
CVE-2019-19229
admincgi-bin/service.fcgi on Fronius Solar Inverter devices prior to 3.14.1 (HM 1.12.1) allows action=download&filename= Directory Traversal.
Fronius Datamanager Box 2.0 Firmware
Fronius Eco 25.0-3-s Firmware
Fronius Eco 27.0-3-s Firmware
Fronius Galvo 1.5-1 Firmware
Fronius Galvo 1.5-1 208-240 Firmware
Fronius Galvo 2.0-1 Firmware
Fronius Galvo 2.0-1 208-240 Firmware
Fronius Galvo 2.5-1 Firmware
Fronius Galvo 2.5-1 208-240 Firmware
Fronius Galvo 3.0-1 Firmware
Fronius Galvo 3.1-1 Firmware
Fronius Galvo 3.1-1 208-240 Firmware
Fronius Primo 10.0-1 208-240 Firmware
Fronius Primo 11.4-1 208-240 Firmware
Fronius Primo 12.5-1 208-240 Firmware
Fronius Primo 15.0-1 208-240 Firmware
Fronius Primo 3.0-1 Firmware
Fronius Primo 3.5-1 Firmware
Fronius Primo 3.6-1 Firmware
Fronius Primo 3.8-1 208-240 Firmware
Fronius Primo 4.0-1 Firmware
Fronius Primo 4.6-1 Firmware
8.8
CVSSv3
CVE-2019-13529
An attacker could send a malicious link to an authenticated operator, which may allow remote malicious users to perform actions with the permissions of the user on the Sunny WebBox Firmware Version 1.6 and prior. This device uses IP addresses to maintain communication after a suc...
Sma Sunny Webbox Firmware
1 EDB exploit
NA
CVE-2001-1341
The Beck GmbH IPC@Chip embedded web server installs the chipcfg.cgi program by default, which allows remote malicious users to obtain sensitive network information via a request to the program.
Beck Ipc Gmbh Ipc At Chip Embedded-webserver
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »