| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-36747 | Hardcoded FTP Credentials within the firmware | Growatt | ShineLan-X | - | - | 2025-12-13 08:16:26 | Deep Dive |
| CVE-2025-36752 | Undocumented backup Account and No Password Configuration Capability | Growatt | ShineLan-X | - | - | 2025-12-13 08:16:25 | Deep Dive |
| CVE-2025-36754 | Authentication bypass on web interface | Growatt | ShineLan-X | - | - | 2025-12-13 08:16:24 | Deep Dive |
| CVE-2025-36748 | Stored Cross-Site Scripting (XSS) vulnerability in Growatt ShineLan-X | Growatt | ShineLan-X | - | - | 2025-12-13 08:16:24 | Deep Dive |
| CVE-2025-36750 | Stored cross site scripting (XSS) vulnerability in Growatt ShineLan-X | Growatt | ShineLan-X | - | - | 2025-12-13 08:16:23 | Deep Dive |
| CVE-2025-36753 | SWD Interface Open on Growatt ShineLan-X | Growatt | ShineLan-X | - | - | 2025-12-13 08:16:22 | Deep Dive |
| CVE-2025-36751 | Missing encryption on Local Configuration Interface or Cloud Endpoint Communication - Growatt MIC3300TL-X and ShineLan-X | Growatt | ShineLan-X | - | - | 2025-12-13 08:16:21 | Deep Dive |
| CVE-2025-29757 | Growatt cloud service 安全漏洞 | Growatt | https://oss.growatt.com | 高危 | - | 2025-07-19 05:15:37 | Deep Dive |
| CVE-2025-27929 | Growatt Cloud portal Authorization Bypass Through User-Controlled Key | Growatt | Cloud portal | Medium | 5.3 | 2025-04-15 21:59:31 | Deep Dive |
| CVE-2025-24315 | Growatt Cloud portal Authorization Bypass Through User-Controlled Key | Growatt | Cloud portal | Medium | 5.3 | 2025-04-15 21:57:28 | Deep Dive |
| CVE-2025-27561 | Growatt Cloud portal Authorization Bypass Through User-Controlled Key | Growatt | Cloud portal | Medium | 5.3 | 2025-04-15 21:55:20 | Deep Dive |
| CVE-2025-30257 | Growatt Cloud portal Authorization Bypass Through User-Controlled Key | Growatt | Cloud portal | Medium | 5.3 | 2025-04-15 21:53:14 | Deep Dive |
| CVE-2025-31147 | Growatt Cloud portal Authorization Bypass Through User-Controlled Key | Growatt | Cloud portal | Medium | 5.3 | 2025-04-15 21:50:39 | Deep Dive |
| CVE-2025-31360 | Growatt Cloud portal Authorization Bypass Through User-Controlled Key | Growatt | Cloud portal | Medium | 6.5 | 2025-04-15 21:48:21 | Deep Dive |
| CVE-2025-30512 | Growatt Cloud portal External Control of System or Configuration Setting | Growatt | Cloud portal | Medium | 6.5 | 2025-04-15 21:45:47 | Deep Dive |
| CVE-2025-27927 | Growatt Cloud portal Authorization Bypass Through User-Controlled Key | Growatt | Cloud portal | Medium | 5.3 | 2025-04-15 21:43:16 | Deep Dive |
| CVE-2025-24297 | Growatt Cloud portal Cross-site Scripting | Growatt | Cloud portal | Critical | 9.8 | 2025-04-15 21:39:24 | Deep Dive |
| CVE-2025-30510 | Growatt Cloud portal Insufficient Type Distinction | Growatt | Cloud portal | Critical | 9.8 | 2025-04-15 21:36:07 | Deep Dive |
| CVE-2025-24850 | Growatt Cloud portal Authorization Bypass Through User-Controlled Key | Growatt | Cloud portal | Medium | 5.3 | 2025-04-15 21:33:06 | Deep Dive |
| CVE-2025-25276 | Growatt Cloud portal Authorization Bypass Through User-Controlled Key | Growatt | Cloud portal | Medium | 5.3 | 2025-04-15 21:25:26 | Deep Dive |