Vulnerabilities > SMA

DATE CVE VULNERABILITY TITLE RISK
2022-04-07 CVE-2021-46416 Authorization Bypass Through User-Controlled Key vulnerability in SMA Sunny Tripower Firmware 3.10.16.R
Insecure direct object reference in SUNNY TRIPOWER 5.0 Firmware version 3.10.16.R leads to unauthorized user groups accessing due to insecure cookie handling.
network
low complexity
sma CWE-639
5.5
2019-10-09 CVE-2019-13529 Cross-Site Request Forgery (CSRF) vulnerability in SMA Sunny Webbox Firmware 1.6
An attacker could send a malicious link to an authenticated operator, which may allow remote attackers to perform actions with the permissions of the user on the Sunny WebBox Firmware Version 1.6 and prior.
network
sma CWE-352
6.8
2017-08-05 CVE-2017-9864 Unspecified vulnerability in SMA products
** DISPUTED ** An issue was discovered in SMA Solar Technology products.
network
low complexity
sma
5.0
2017-08-05 CVE-2017-9863 Cross-Site Request Forgery (CSRF) vulnerability in SMA products
** DISPUTED ** An issue was discovered in SMA Solar Technology products.
network
sma CWE-352
6.8
2017-08-05 CVE-2017-9862 Information Exposure vulnerability in SMA Sunny Explorer
** DISPUTED ** An issue was discovered in SMA Solar Technology products.
network
low complexity
sma CWE-200
5.0
2017-08-05 CVE-2017-9861 Injection vulnerability in SMA products
** DISPUTED ** An issue was discovered in SMA Solar Technology products.
network
low complexity
sma CWE-74
critical
9.0
2017-08-05 CVE-2017-9860 Improper Authentication vulnerability in SMA products
** DISPUTED ** An issue was discovered in SMA Solar Technology products.
network
low complexity
sma CWE-287
critical
10.0
2017-08-05 CVE-2017-9859 Use of a Broken or Risky Cryptographic Algorithm vulnerability in SMA products
** DISPUTED ** An issue was discovered in SMA Solar Technology products.
network
low complexity
sma CWE-327
5.0
2017-08-05 CVE-2017-9858 Information Exposure vulnerability in SMA products
** DISPUTED ** An issue was discovered in SMA Solar Technology products.
network
low complexity
sma CWE-200
5.0
2017-08-05 CVE-2017-9857 Improper Authentication vulnerability in SMA products
** DISPUTED ** An issue was discovered in SMA Solar Technology products.
network
sma CWE-287
4.3