Vulnerabilities > SMA > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-02-26 | CVE-2024-1889 | Cross-Site Request Forgery (CSRF) vulnerability in SMA Clcon-10 Firmware and Clcon-S-10 Firmware Cross-Site Request Forgery vulnerability in SMA Cluster Controller, affecting version 01.05.01.R. | 8.8 |
| 2022-04-07 | CVE-2021-46416 | Authorization Bypass Through User-Controlled Key vulnerability in SMA Sunny Tripower Firmware 3.10.16.R Insecure direct object reference in SUNNY TRIPOWER 5.0 Firmware version 3.10.16.R leads to unauthorized user groups accessing due to insecure cookie handling. | 8.1 |
| 2019-10-09 | CVE-2019-13529 | Cross-Site Request Forgery (CSRF) vulnerability in SMA Sunny Webbox Firmware 1.6 An attacker could send a malicious link to an authenticated operator, which may allow remote attackers to perform actions with the permissions of the user on the Sunny WebBox Firmware Version 1.6 and prior. | 8.8 |
| 2017-08-05 | CVE-2017-9864 | Unspecified vulnerability in SMA products An issue was discovered in SMA Solar Technology products. | 7.5 |
| 2017-08-05 | CVE-2017-9863 | Cross-Site Request Forgery (CSRF) vulnerability in SMA products An issue was discovered in SMA Solar Technology products. | 8.8 |
| 2017-08-05 | CVE-2017-9862 | Information Exposure vulnerability in SMA Sunny Explorer An issue was discovered in SMA Solar Technology products. | 7.5 |
| 2017-08-05 | CVE-2017-9858 | Information Exposure vulnerability in SMA products An issue was discovered in SMA Solar Technology products. | 7.5 |
| 2017-08-05 | CVE-2017-9857 | Improper Authentication vulnerability in SMA products An issue was discovered in SMA Solar Technology products. | 8.1 |
| 2017-08-05 | CVE-2017-9851 | Unspecified vulnerability in SMA Sunny Explorer An issue was discovered in SMA Solar Technology products. | 7.5 |