Known Vulnerabilities for products from Sma
Listed below are 16 of the newest known vulnerabilities associated with the vendor "Sma".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Additional devices specifications by Sma can be found at device.report : Sma
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2021-46416 json | Insecure direct object reference in SUNNY TRIPOWER 5.0 Firmware version 3.10.16.R leads to unauthorized user groups accessing... | 8.1 - HIGH | 2022-04-07 | 2022-04-15 |
| CVE-2019-13529 json | An attacker could send a malicious link to an authenticated operator, which may allow remote attackers to perform actions wit... | 8.8 - HIGH | 2019-10-09 | 2019-10-15 |
| CVE-2017-9864 json | ** DISPUTED ** An issue was discovered in SMA Solar Technology products. An attacker can change the plant time even when not ... | 7.5 - HIGH | 2017-08-05 | 2023-11-07 |
| CVE-2017-9863 json | ** DISPUTED ** An issue was discovered in SMA Solar Technology products. If a user simultaneously has Sunny Explorer running ... | 8.8 - HIGH | 2017-08-05 | 2023-11-07 |
| CVE-2017-9862 json | ** DISPUTED ** An issue was discovered in SMA Solar Technology products. When signed into Sunny Explorer with a wrong passwor... | 7.5 - HIGH | 2017-08-05 | 2023-11-07 |
| CVE-2017-9861 json | ** DISPUTED ** An issue was discovered in SMA Solar Technology products. The SIP implementation does not properly use authent... | 9.8 - CRITICAL | 2017-08-05 | 2023-11-07 |
| CVE-2017-9860 json | ** DISPUTED ** An issue was discovered in SMA Solar Technology products. An attacker can use Sunny Explorer or the SMAdata2+ ... | 9.8 - CRITICAL | 2017-08-05 | 2023-11-07 |
| CVE-2017-9859 json | ** DISPUTED ** An issue was discovered in SMA Solar Technology products. The inverters make use of a weak hashing algorithm t... | 9.8 - CRITICAL | 2017-08-05 | 2023-11-07 |
| CVE-2017-9858 json | ** DISPUTED ** An issue was discovered in SMA Solar Technology products. By sending crafted packets to an inverter and observ... | 7.5 - HIGH | 2017-08-05 | 2023-11-07 |
| CVE-2017-9857 json | ** DISPUTED ** An issue was discovered in SMA Solar Technology products. The SMAdata2+ communication protocol does not proper... | 8.1 - HIGH | 2017-08-05 | 2023-11-07 |
| CVE-2017-9856 json | ** DISPUTED ** An issue was discovered in SMA Solar Technology products. Sniffed passwords from SMAdata2+ communication can b... | 9.8 - CRITICAL | 2017-08-05 | 2023-11-07 |
| CVE-2017-9855 json | ** DISPUTED ** An issue was discovered in SMA Solar Technology products. A secondary authentication system is available for I... | 9.8 - CRITICAL | 2017-08-05 | 2023-11-07 |
| CVE-2017-9854 json | ** DISPUTED ** An issue was discovered in SMA Solar Technology products. By sniffing for specific packets on the localhost, p... | 9.8 - CRITICAL | 2017-08-05 | 2023-11-07 |
| CVE-2017-9853 json | ** DISPUTED ** An issue was discovered in SMA Solar Technology products. All inverters have a very weak password policy for t... | 9.8 - CRITICAL | 2017-08-05 | 2023-11-07 |
| CVE-2017-9852 json | ** DISPUTED ** An Incorrect Password Management issue was discovered in SMA Solar Technology products. Default passwords exis... | 9.8 - CRITICAL | 2017-08-05 | 2023-11-07 |
| CVE-2017-9851 json | ** DISPUTED ** An issue was discovered in SMA Solar Technology products. By sending nonsense data or setting up a TELNET sess... | 7.5 - HIGH | 2017-08-05 | 2023-11-07 |
Known software with vulnerabilities from Sma
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Sma | Sunny Explorer | - |
| Hardware | Sma | Sunny Webbox | - |
| Operating System | Sma | Sunny Webbox Firmware | 1.6 |