Vulnerabilities > SMA > High

DATE CVE VULNERABILITY TITLE RISK
2022-04-07 CVE-2021-46416 Authorization Bypass Through User-Controlled Key vulnerability in SMA Sunny Tripower Firmware 3.10.16.R
Insecure direct object reference in SUNNY TRIPOWER 5.0 Firmware version 3.10.16.R leads to unauthorized user groups accessing due to insecure cookie handling.
network
low complexity
sma CWE-639
8.1
2019-10-09 CVE-2019-13529 Cross-Site Request Forgery (CSRF) vulnerability in SMA Sunny Webbox Firmware 1.6
An attacker could send a malicious link to an authenticated operator, which may allow remote attackers to perform actions with the permissions of the user on the Sunny WebBox Firmware Version 1.6 and prior.
network
low complexity
sma CWE-352
8.8
2017-08-05 CVE-2017-9864 Unspecified vulnerability in SMA products
An issue was discovered in SMA Solar Technology products.
network
low complexity
sma
7.5
2017-08-05 CVE-2017-9863 Cross-Site Request Forgery (CSRF) vulnerability in SMA products
An issue was discovered in SMA Solar Technology products.
network
low complexity
sma CWE-352
8.8
2017-08-05 CVE-2017-9862 Information Exposure vulnerability in SMA Sunny Explorer
An issue was discovered in SMA Solar Technology products.
network
low complexity
sma CWE-200
7.5
2017-08-05 CVE-2017-9858 Information Exposure vulnerability in SMA products
An issue was discovered in SMA Solar Technology products.
network
low complexity
sma CWE-200
7.5
2017-08-05 CVE-2017-9857 Improper Authentication vulnerability in SMA products
An issue was discovered in SMA Solar Technology products.
network
high complexity
sma CWE-287
8.1
2017-08-05 CVE-2017-9851 Unspecified vulnerability in SMA Sunny Explorer
An issue was discovered in SMA Solar Technology products.
network
low complexity
sma
7.5