ГлавнаяУязвимости → CVE-2024-50688
9.8критическая

CVE-2024-50688

Описание

SunGrow iSolarCloud Android application V2.1.6.20241017 and prior contains hardcoded credentials. The application (regardless of the user account) and the cloud uses the same MQTT credentials for exchanging the device telemetry.

Затрагиваемое ПО
Sungrowpower Isolarcloud
CVSS
Балл9.8 — критическая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Источники
https://en.sungrowpower.com/security-notice-detail-2/6122