SolaX Cloud
by SolaX
CVEs (4)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-36759 | Hig | 0.57 | — | 0.00 | Sep 10, 2025 | Through the provision of user names, SolaX Cloud will suggest (similar) user accounts and thereby leak sensitive information such as user email addresses and phone numbers. | ||
| CVE-2025-36758 | Med | 0.41 | — | 0.00 | Sep 10, 2025 | It is possible to bypass the clipping level of authentication attempts in SolaX Cloud through the use of the 'Forgot Password' functionality as an oracle. | ||
| CVE-2025-36757 | Med | 0.41 | — | 0.00 | Sep 10, 2025 | It is possible to bypass the administrator login screen on SolaX Cloud. An attacker could use parameter tampering to bypass the login screen and gain limited access to the system. | ||
| CVE-2025-36756 | Med | 0.38 | — | 0.00 | Sep 10, 2025 | A problem with missing authorization on SolaX Cloud platform allows taking over any SolaX solarpanel inverter of which the serial number is known. |
- risk 0.57cvss —epss 0.00
Through the provision of user names, SolaX Cloud will suggest (similar) user accounts and thereby leak sensitive information such as user email addresses and phone numbers.
- risk 0.41cvss —epss 0.00
It is possible to bypass the clipping level of authentication attempts in SolaX Cloud through the use of the 'Forgot Password' functionality as an oracle.
- risk 0.41cvss —epss 0.00
It is possible to bypass the administrator login screen on SolaX Cloud. An attacker could use parameter tampering to bypass the login screen and gain limited access to the system.
- risk 0.38cvss —epss 0.00
A problem with missing authorization on SolaX Cloud platform allows taking over any SolaX solarpanel inverter of which the serial number is known.