| tiêu đề | Papendorf Software Engineering GmbH Secure PV Monitoring 3.3.0.0 Missing Authentication for Critical Function |
|---|
| Mô tả | Description:
Papendorf Software Engineering GmbH's Secure PV Monitoring System contains multiple web interfaces that fail to enforce proper authentication or authorization mechanisms. This improper access control allows unauthenticated attackers to remotely retrieve sensitive operational data from the photovoltaic (PV) system without requiring valid credentials.
Affected Products and Versions:
Secure PV Monitoring - PLATINUM Inverter Edition (Software version: x.x.x.x) Secure PV Monitoring - Danfoss Solar Inverter Edition (Software version: 1.3.5) Secure PV Monitoring - SMA Inverter Edition (Software version: 1.3.5)
Impact:
Exploiting this vulnerability enables attackers to access:
Real-time and historical power generation data, including granular metrics about the PV system's energy output.
Real-time operational status of individual inverters, revealing performance parameters, operational modes, and potential fault conditions. |
|---|
| Nguồn | ⚠️ https://github.com/zeke2997/CVE_request_Papendorf_Software_Engineering_GmbH |
|---|
| Người dùng | zeke (UID 84610) |
|---|
| Đệ trình | 27/05/2025 17:23 (cách đây 11 các tháng) |
|---|
| Kiểm duyệt | 08/06/2025 19:44 (12 days later) |
|---|
| Trạng thái | được chấp nhận |
|---|
| Mục VulDB | 311630 [Papendorf SOL Connect Center 3.3.0.0 Web Interface xác thực yếu] |
|---|
| điểm | 20 |
|---|