VYPR

Sunny Explorer

by Sma

CVEs (3)

  • CVE-2017-9863HigAug 5, 2017
    risk 0.57cvss 8.8epss 0.01

    An issue was discovered in SMA Solar Technology products. If a user simultaneously has Sunny Explorer running and visits a malicious host, cross-site request forgery can be used to change settings in the inverters (for example, issuing a POST request to change the user…

  • CVE-2017-9862HigAug 5, 2017
    risk 0.49cvss 7.5epss 0.02

    An issue was discovered in SMA Solar Technology products. When signed into Sunny Explorer with a wrong password, it is possible to create a debug report, disclosing information regarding the application and allowing the attacker to create and save a .txt file with contents to…

  • CVE-2017-9851HigAug 5, 2017
    risk 0.49cvss 7.5epss 0.02

    An issue was discovered in SMA Solar Technology products. By sending nonsense data or setting up a TELNET session to the database port of Sunny Explorer, the application can be crashed. NOTE: the vendor reports that the maximum possible damage is a communication failure. Also,…