Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Growatt — Vulnerabilities & Security Advisories 38

Browse all 38 CVE security advisories affecting Growatt. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by Growatt:Cloud portalShineLan-Xhttps://oss.growatt.com
CVE IDTitleCVSSSeverityPublished
CVE-2025-36747 Hardcoded FTP Credentials within the firmware — ShineLan-XCWE-798 9.8AICriticalAI2025-12-13
CVE-2025-36752 Undocumented backup Account and No Password Configuration Capability — ShineLan-XCWE-798 9.8AICriticalAI2025-12-13
CVE-2025-36748 Stored Cross-Site Scripting (XSS) vulnerability in Growatt ShineLan-X — ShineLan-XCWE-79 5.4AIMediumAI2025-12-13
CVE-2025-36754 Authentication bypass on web interface — ShineLan-XCWE-290 7.4AIHighAI2025-12-13
CVE-2025-36750 Stored cross site scripting (XSS) vulnerability in Growatt ShineLan-X — ShineLan-XCWE-79 4.8AIMediumAI2025-12-13
CVE-2025-36753 SWD Interface Open on Growatt ShineLan-X — ShineLan-XCWE-290 9.1AICriticalAI2025-12-13
CVE-2025-36751 Missing encryption on Local Configuration Interface or Cloud Endpoint Communication - Growatt MIC3300TL-X and ShineLan-X — ShineLan-XCWE-311 7.4AIHighAI2025-12-13
CVE-2025-29757 Growatt cloud service 安全漏洞 — https://oss.growatt.comCWE-863 6.5 -2025-07-19
CVE-2025-27929 Growatt Cloud portal Authorization Bypass Through User-Controlled Key — Cloud portalCWE-639 5.3 Medium2025-04-15
CVE-2025-24315 Growatt Cloud portal Authorization Bypass Through User-Controlled Key — Cloud portalCWE-639 5.3 Medium2025-04-15
CVE-2025-27561 Growatt Cloud portal Authorization Bypass Through User-Controlled Key — Cloud portalCWE-639 5.3 Medium2025-04-15
CVE-2025-30257 Growatt Cloud portal Authorization Bypass Through User-Controlled Key — Cloud portalCWE-639 5.3 Medium2025-04-15
CVE-2025-31147 Growatt Cloud portal Authorization Bypass Through User-Controlled Key — Cloud portalCWE-639 5.3 Medium2025-04-15
CVE-2025-31360 Growatt Cloud portal Authorization Bypass Through User-Controlled Key — Cloud portalCWE-639 6.5 Medium2025-04-15
CVE-2025-30512 Growatt Cloud portal External Control of System or Configuration Setting — Cloud portalCWE-15 6.5 Medium2025-04-15
CVE-2025-27927 Growatt Cloud portal Authorization Bypass Through User-Controlled Key — Cloud portalCWE-639 5.3 Medium2025-04-15
CVE-2025-24297 Growatt Cloud portal Cross-site Scripting — Cloud portalCWE-79 9.8 Critical2025-04-15
CVE-2025-30510 Growatt Cloud portal Insufficient Type Distinction — Cloud portalCWE-351 9.8 Critical2025-04-15
CVE-2025-24850 Growatt Cloud portal Authorization Bypass Through User-Controlled Key — Cloud portalCWE-639 5.3 Medium2025-04-15
CVE-2025-25276 Growatt Cloud portal Authorization Bypass Through User-Controlled Key — Cloud portalCWE-639 5.3 Medium2025-04-15
CVE-2025-27565 Growatt Cloud portal Authorization Bypass Through User-Controlled Key — Cloud portalCWE-639 5.3 Medium2025-04-15
CVE-2025-27575 Growatt Cloud portal Authorization Bypass Through User-Controlled Key — Cloud portalCWE-639 5.3 Medium2025-04-15
CVE-2025-31950 Growatt Cloud portal Authorization Bypass Through User-Controlled Key — Cloud portalCWE-639 5.3 Medium2025-04-15
CVE-2025-31945 Growatt Cloud portal Authorization Bypass Through User-Controlled Key — Cloud portalCWE-639 5.3 Medium2025-04-15
CVE-2025-26857 Growatt Cloud portal Authorization Bypass Through User-Controlled Key — Cloud portalCWE-639 5.3 Medium2025-04-15
CVE-2025-27719 Growatt Cloud portal Authorization Bypass Through User-Controlled Key — Cloud portalCWE-639 5.3 Medium2025-04-15
CVE-2025-31654 Growatt Cloud portal Authorization Bypass Through User-Controlled Key — Cloud portalCWE-639 5.3 Medium2025-04-15
CVE-2025-30514 Growatt Cloud portal Authorization Bypass Through User-Controlled Key — Cloud portalCWE-639 5.3 Medium2025-04-15
CVE-2025-27938 Growatt Cloud portal Authorization Bypass Through User-Controlled Key — Cloud portalCWE-639 5.3 Medium2025-04-15
CVE-2025-27939 Growatt Cloud portal Authorization Bypass Through User-Controlled Key — Cloud portalCWE-639 7.5 High2025-04-15

This page lists every published CVE security advisory associated with Growatt. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.