Sunny Explorer
by Sma
CVEs (3)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-9863 | Hig | 0.57 | 8.8 | 0.01 | Aug 5, 2017 | An issue was discovered in SMA Solar Technology products. If a user simultaneously has Sunny Explorer running and visits a malicious host, cross-site request forgery can be used to change settings in the inverters (for example, issuing a POST request to change the user… | ||
| CVE-2017-9862 | Hig | 0.49 | 7.5 | 0.02 | Aug 5, 2017 | An issue was discovered in SMA Solar Technology products. When signed into Sunny Explorer with a wrong password, it is possible to create a debug report, disclosing information regarding the application and allowing the attacker to create and save a .txt file with contents to… | ||
| CVE-2017-9851 | Hig | 0.49 | 7.5 | 0.02 | Aug 5, 2017 | An issue was discovered in SMA Solar Technology products. By sending nonsense data or setting up a TELNET session to the database port of Sunny Explorer, the application can be crashed. NOTE: the vendor reports that the maximum possible damage is a communication failure. Also,… |
- risk 0.57cvss 8.8epss 0.01
An issue was discovered in SMA Solar Technology products. If a user simultaneously has Sunny Explorer running and visits a malicious host, cross-site request forgery can be used to change settings in the inverters (for example, issuing a POST request to change the user…
- risk 0.49cvss 7.5epss 0.02
An issue was discovered in SMA Solar Technology products. When signed into Sunny Explorer with a wrong password, it is possible to create a debug report, disclosing information regarding the application and allowing the attacker to create and save a .txt file with contents to…
- risk 0.49cvss 7.5epss 0.02
An issue was discovered in SMA Solar Technology products. By sending nonsense data or setting up a TELNET session to the database port of Sunny Explorer, the application can be crashed. NOTE: the vendor reports that the maximum possible damage is a communication failure. Also,…