Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Use of Hard-coded Credentials in SunPower PVS6
Vulnerability Description
The SunPower PVS6's BluetoothLE interface is vulnerable due to its use of hardcoded encryption parameters and publicly accessible protocol details. An attacker within Bluetooth range could exploit this vulnerability to gain full access to the device's servicing interface. This access allows the attacker to perform actions such as firmware replacement, disabling power production, modifying grid settings, creating SSH tunnels, altering firewall settings, and manipulating connected devices.
CVSS Information
N/A
Vulnerability Type
使用硬编码的凭证
Vulnerability Title
SunPower PVS6 信任管理问题漏洞
Vulnerability Description
SunPower PVS6是美国SunPower公司的一款太阳能光伏系统的数据监控与通信网关。 SunPower PVS6存在信任管理问题漏洞,该漏洞源于使用硬编码加密参数和公开协议细节,可能导致设备完全访问。
CVSS Information
N/A
Vulnerability Type
N/A