ГлавнаяУязвимости → CVE-2025-36752
9.8критическая

CVE-2025-36752

Описание

Growatt ShineLan-X communication dongle has an undocumented backup account with undocumented credentials which allows significant level access to the device, such as allowing any attacker to access the Setting Center. This means that this is effectively backdoor for all devices utilizing a Growatt ShineLan-X communication dongle.

Затрагиваемое ПО
Growatt Shine lan-x firmwareGrowatt Shine lan-x
CVSS
Балл9.8 — критическая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Источники
https://csirt.divd.nl/CVE-2025-36752/