Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An attacker could send a malicious link to an authenticated operator, which may allow remote attackers to perform actions with the permissions of the user on the Sunny WebBox Firmware Version 1.6 and prior. This device uses IP addresses to maintain communication after a successful login, which would increase the ease of exploitation.
CVSS Information
N/A
Vulnerability Type
跨站请求伪造(CSRF)
Vulnerability Title
SMA Solar Technology Sunny WebBox 跨站请求伪造漏洞
Vulnerability Description
SMA Solar Technology Sunny WebBox是德国艾思玛太阳能技术(SMA Solar Technology)公司的一款用于记录、存储、显示和传输太阳能系统数据的设备。 使用1.6及之前版本固件的SMA Solar Technology Sunny WebBox中存在跨站请求伪造漏洞。该漏洞源于WEB应用未充分验证请求是否来自可信用户。攻击者可利用该漏洞通过受影响客户端向服务器发送非预期的请求。
CVSS Information
N/A
Vulnerability Type
N/A