SunGrow WiNet-SV200.001.00.P027 and earlier versions is vulnerable to stack-based buffer overflow when parsing MQTT messages, due to missing MQTT topic bounds checks.
CVSS
No CVSS.
References
| Link | Resource |
|---|---|
| https://en.sungrowpower.com/security-notice-detail-2/5961 | Vendor Advisory |
Configurations
Configuration 1 (hide)
| AND |
|
History
29 May 2025, 16:02
| Type | Values Removed | Values Added |
|---|---|---|
| First Time |
Sungrowpower winet-s Firmware
Sungrowpower winet-s Sungrowpower |
|
| CPE | cpe:2.3:h:sungrowpower:winet-s:-:*:*:*:*:*:*:* cpe:2.3:o:sungrowpower:winet-s_firmware:*:*:*:*:*:*:*:* |
|
| References | () https://en.sungrowpower.com/security-notice-detail-2/5961 - Vendor Advisory |
24 Jan 2025, 23:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2025-01-24 23:15
Updated : 2025-05-29 16:02
NVD link : CVE-2024-50695
Mitre link : CVE-2024-50695
JSON object : View
Products Affected
sungrowpower
- winet-s_firmware
- winet-s
CWE
No CWE.