Known Vulnerabilities for products from Sma
Listed below are 16 of the newest known vulnerabilities associated with the vendor "Sma".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Additional devices specifications by Sma can be found at device.report : Sma
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2021-46416 | Insecure direct object reference in SUNNY TRIPOWER 5.0 Firmware version 3.10.16.R leads to unauthorized user groups accessing... | 8.1 - HIGH | 2022-04-07 | 2022-04-15 |
| CVE-2019-13529 | An attacker could send a malicious link to an authenticated operator, which may allow remote attackers to perform actions wit... | 8.8 - HIGH | 2019-10-09 | 2019-10-15 |
| CVE-2017-9864 | ** DISPUTED ** An issue was discovered in SMA Solar Technology products. An attacker can change the plant time even when not ... | 7.5 - HIGH | 2017-08-05 | 2023-11-07 |
| CVE-2017-9863 | ** DISPUTED ** An issue was discovered in SMA Solar Technology products. If a user simultaneously has Sunny Explorer running ... | 8.8 - HIGH | 2017-08-05 | 2023-11-07 |
| CVE-2017-9862 | ** DISPUTED ** An issue was discovered in SMA Solar Technology products. When signed into Sunny Explorer with a wrong passwor... | 7.5 - HIGH | 2017-08-05 | 2023-11-07 |
| CVE-2017-9861 | ** DISPUTED ** An issue was discovered in SMA Solar Technology products. The SIP implementation does not properly use authent... | 9.8 - CRITICAL | 2017-08-05 | 2023-11-07 |
| CVE-2017-9860 | ** DISPUTED ** An issue was discovered in SMA Solar Technology products. An attacker can use Sunny Explorer or the SMAdata2+ ... | 9.8 - CRITICAL | 2017-08-05 | 2023-11-07 |
| CVE-2017-9859 | ** DISPUTED ** An issue was discovered in SMA Solar Technology products. The inverters make use of a weak hashing algorithm t... | 9.8 - CRITICAL | 2017-08-05 | 2023-11-07 |
| CVE-2017-9858 | ** DISPUTED ** An issue was discovered in SMA Solar Technology products. By sending crafted packets to an inverter and observ... | 7.5 - HIGH | 2017-08-05 | 2023-11-07 |
| CVE-2017-9857 | ** DISPUTED ** An issue was discovered in SMA Solar Technology products. The SMAdata2+ communication protocol does not proper... | 8.1 - HIGH | 2017-08-05 | 2023-11-07 |
| CVE-2017-9856 | ** DISPUTED ** An issue was discovered in SMA Solar Technology products. Sniffed passwords from SMAdata2+ communication can b... | 9.8 - CRITICAL | 2017-08-05 | 2023-11-07 |
| CVE-2017-9855 | ** DISPUTED ** An issue was discovered in SMA Solar Technology products. A secondary authentication system is available for I... | 9.8 - CRITICAL | 2017-08-05 | 2023-11-07 |
| CVE-2017-9854 | ** DISPUTED ** An issue was discovered in SMA Solar Technology products. By sniffing for specific packets on the localhost, p... | 9.8 - CRITICAL | 2017-08-05 | 2023-11-07 |
| CVE-2017-9853 | ** DISPUTED ** An issue was discovered in SMA Solar Technology products. All inverters have a very weak password policy for t... | 9.8 - CRITICAL | 2017-08-05 | 2023-11-07 |
| CVE-2017-9852 | ** DISPUTED ** An Incorrect Password Management issue was discovered in SMA Solar Technology products. Default passwords exis... | 9.8 - CRITICAL | 2017-08-05 | 2023-11-07 |
| CVE-2017-9851 | ** DISPUTED ** An issue was discovered in SMA Solar Technology products. By sending nonsense data or setting up a TELNET sess... | 7.5 - HIGH | 2017-08-05 | 2023-11-07 |
Known software with vulnerabilities from Sma
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Sma | Sunny Explorer | - |
| Hardware | Sma | Sunny Webbox | - |
| Operating System | Sma | Sunny Webbox Firmware | 1.6 |