| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2024-21876 | Unauthenticated Path Traversal via URL Parameter in Enphase IQ Gateway version < 8.2.4225 | Enphase | IQ Gateway | - | - | 2024-08-10 17:44:50 | Deep Dive |
| CVE-2024-21879 | URL parameter manipulations allows an authenticated attacker to execute arbitrary OS commands in Enphase IQ Gateway v4.x to v8.x and < v8.2.4225 | Enphase | Envoy | - | - | 2024-08-10 17:44:50 | Deep Dive |
| CVE-2024-21877 | Insecure File Generation Based on User Input in Enphase IQ Gateway version 4.x to 8.x and < 8.2.4225 | Enphase | Envoy | - | - | 2024-08-10 17:44:49 | Deep Dive |
| CVE-2024-21878 | Command Injection through Unsafe File Name Evaluation in internal script in Enphase IQ Gateway v4.x to and including 8.x | Enphase | Envoy | - | - | 2024-08-10 17:44:49 | Deep Dive |
| CVE-2024-21880 | URL parameter manipulations allows an authenticated attacker to execute arbitrary OS commands in Enphase IQ Gateway version 4.x <= 7.x | Enphase | Envoy | - | - | 2024-08-10 17:44:48 | Deep Dive |
| CVE-2024-21881 | Upload of encrypted packages allows authenticated command execution in Enphase IQ Gateway v4.x and v5.x | Enphase | Envoy | - | - | 2024-08-10 17:44:48 | Deep Dive |
| CVE-2023-33869 | Enphase Envoy OS Command Injection | Enphase | Envoy | Medium | 6.3 | 2023-06-20 19:43:47 | Deep Dive |
| CVE-2023-32274 | Enphase Installer Toolkit Android App Use of Hard-coded Credentials | Enphase | Enphase Installer Toolkit | High | 8.6 | 2023-06-20 19:38:42 | Deep Dive |