Unrated severityNVD Advisory· Published Apr 7, 2022· Updated Aug 4, 2024

CVE-2021-46416

Description

Insecure direct object reference in SUNNY TRIPOWER 5.0 Firmware version 3.10.16.R leads to unauthorized user groups accessing due to insecure cookie handling.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

SUNNY/SUNNY TRIPOWER 5.0description
Sma/SUNNY TRIPOWER 5.0llm-create
Range: = 3.10.16.R

Patches

Vulnerability mechanics

References

packetstormsecurity.com/files/166670/SAM-SUNNY-TRIPOWER-5.0-Insecure-Direct-Object-Reference.htmlmitrex_refsource_MISC
drive.google.com/drive/folders/1BPULhDC_g__seH_VnQlVtkrKdOLkXdzVmitrex_refsource_MISC
www.sma.de/en/products/solarinverters/sunny-tripower-30-40-50-60.htmlmitrex_refsource_MISC

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.005
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000