exploitDog

GHSA-qx2g-8xw4-6pqp

Опубликовано: 26 фев. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 9.8

Описание

SunGrow iSolarCloud Android application V2.1.6.20241017 and prior contains hardcoded credentials. The application (regardless of the user account) and the cloud uses the same MQTT credentials for exchanging the device telemetry.

SunGrow iSolarCloud Android application V2.1.6.20241017 and prior contains hardcoded credentials. The application (regardless of the user account) and the cloud uses the same MQTT credentials for exchanging the device telemetry.

Ссылки

EPSS

Процентиль: 37%

0.00156

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-798

Связанные уязвимости

CVE-2024-50688

CVSS3: 9.8

nvd

12 месяцев назад

SunGrow iSolarCloud Android application V2.1.6.20241017 and prior contains hardcoded credentials. The application (regardless of the user account) and the cloud uses the same MQTT credentials for exchanging the device telemetry.

EPSS

Процентиль: 37%

0.00156

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-798