{"vulnerability": "CVE-2024-5069", "sightings": [{"uuid": "603702d8-34f4-4122-9cbc-ab0016e26d1f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50697", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/113901810078905700", "content": "", "creation_timestamp": "2025-01-27T18:48:14.590534Z"}, {"uuid": "36461a33-6fb0-4b83-8af4-480c27c57c5e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50696", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lj4jztbvsh2w", "content": "", "creation_timestamp": "2025-02-26T23:33:21.137943Z"}, {"uuid": "7371d985-1e6f-4ecc-94d0-22c391d0a1ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50691", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lj4jztungb26", "content": "", "creation_timestamp": "2025-02-26T23:33:23.045309Z"}, {"uuid": "1b5bd600-34f1-4692-94d5-e16785ba250f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50691", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-072-12", "content": "", "creation_timestamp": "2025-03-13T11:00:00.000000Z"}, {"uuid": "a4e17b6d-a8ce-41c6-96ef-9bd5e2e153a5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50696", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114072408550773487", "content": "", "creation_timestamp": "2025-02-26T21:53:40.710616Z"}, {"uuid": "fb7254d2-c5ac-4bd5-90e4-28b7d655e207", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50693", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114072408550773487", "content": "", "creation_timestamp": "2025-02-26T21:53:40.772029Z"}, {"uuid": "99478081-a3b4-4db0-99cd-68b69c74ddd5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50691", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114072408550773487", "content": "", "creation_timestamp": "2025-02-26T21:53:40.835503Z"}, {"uuid": "df049196-d1f4-4d77-a5a9-64dfd493f62e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50693", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-072-12", "content": "", "creation_timestamp": "2025-03-13T11:00:00.000000Z"}, {"uuid": "b9ce5d8d-9d41-4b2f-bf24-c332a8be766f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50690", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-072-12", "content": "", "creation_timestamp": "2025-03-13T11:00:00.000000Z"}, {"uuid": "62f14cf0-915a-4123-aff2-826c49b4bac5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50694", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-072-12", "content": "", "creation_timestamp": "2025-03-13T11:00:00.000000Z"}, {"uuid": "e0892509-0646-4108-a0de-490987e10e70", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50697", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-072-12", "content": "", "creation_timestamp": "2025-03-13T11:00:00.000000Z"}, {"uuid": "ab106209-d634-4284-98bc-a5c39f1c86d8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50698", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-072-12", "content": "", "creation_timestamp": "2025-03-13T11:00:00.000000Z"}, {"uuid": "d963a265-3b70-48f1-b9b5-6b07b151f94b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50696", "type": "seen", "source": "https://t.me/cvedetector/18971", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-50696 - SunGrow WiNet-S Firmware Update Bypass\", \n  \"Content\": \"CVE ID : CVE-2024-50696 \nPublished : Feb. 26, 2025, 9:15 p.m. | 1\u00a0hour, 33\u00a0minutes ago \nDescription : SunGrow WiNet-S V200.001.00.P025 and earlier versions is missing integrity checks for firmware upgrades. Sending a specific MQTT message allows an update to an inverter or a WiNet connectivity dongle with a bogus firmware file that is located on attacker-controlled server. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"26 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-27T00:19:35.000000Z"}, {"uuid": "9650e40a-1603-4888-978a-2c6a4a57e27a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50696", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-072-12", "content": "", "creation_timestamp": "2025-03-13T11:00:00.000000Z"}, {"uuid": "16d83d84-2b2f-4b10-acdb-ccfde0c7f480", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50692", "type": "seen", "source": "https://t.me/cvedetector/16354", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-50692 - SunGrow WiNet-SV200 MQTT Broker Information Disclosure and Authentication Bypass Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-50692 \nPublished : Jan. 24, 2025, 11:15 p.m. | 1\u00a0hour, 16\u00a0minutes ago \nDescription : SunGrow WiNet-SV200.001.00.P027 and earlier versions contains hardcoded MQTT credentials that allow an attacker to send arbitrary commands to an arbitrary inverter. It is also possible to impersonate the broker, because TLS is not used to identify the real MQTT broker. This means that MQTT communications are vulnerable to MitM attacks at the TCP/IP level. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"25 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-25T02:07:12.000000Z"}, {"uuid": "e94079c1-4cc0-42ec-8f08-ec39e3fa48b9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50690", "type": "seen", "source": "https://t.me/cvedetector/16353", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-50690 - SunGrow WiNet-SV200 Password Decryption Weakness\", \n  \"Content\": \"CVE ID : CVE-2024-50690 \nPublished : Jan. 24, 2025, 11:15 p.m. | 1\u00a0hour, 16\u00a0minutes ago \nDescription : SunGrow WiNet-SV200.001.00.P027 and earlier versions contains a hardcoded password that can be used to decrypt all firmware updates. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"25 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-25T02:07:08.000000Z"}, {"uuid": "c5ad3f58-1cf7-473e-89ec-dcbab06c9a74", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50698", "type": "seen", "source": "https://t.me/cvedetector/16352", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-50698 - SunGrow WiNet-SV200 Memory Corruption Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-50698 \nPublished : Jan. 24, 2025, 11:15 p.m. | 1\u00a0hour, 16\u00a0minutes ago \nDescription : SunGrow WiNet-SV200.001.00.P027 and earlier versions is vulnerable to heap-based buffer overflow due to bounds checks of the MQTT message content. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"25 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-25T02:07:08.000000Z"}, {"uuid": "0521480d-44f5-4e3a-a7d7-7301605d16a5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50695", "type": "seen", "source": "https://t.me/cvedetector/16351", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-50695 - SunGrow WiNet-SV200 Buffer Overflow Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-50695 \nPublished : Jan. 24, 2025, 11:15 p.m. | 1\u00a0hour, 16\u00a0minutes ago \nDescription : SunGrow WiNet-SV200.001.00.P027 and earlier versions is vulnerable to stack-based buffer overflow when parsing MQTT messages, due to missing MQTT topic bounds checks. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"25 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-25T02:07:07.000000Z"}, {"uuid": "b49d3fa9-64d5-4fd6-a6c7-beccea0edd76", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50697", "type": "seen", "source": "https://t.me/cvedetector/16350", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-50697 - SunGrow WiNet-SV200 Buffer Overflow in MQTT Decryption\", \n  \"Content\": \"CVE ID : CVE-2024-50697 \nPublished : Jan. 24, 2025, 11:15 p.m. | 1\u00a0hour, 16\u00a0minutes ago \nDescription : In SunGrow WiNet-SV200.001.00.P027 and earlier versions, when decrypting MQTT messages, the code that parses specific TLV fields does not have sufficient bounds checks. This may result in a stack-based buffer overflow. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"25 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-25T02:07:06.000000Z"}, {"uuid": "446959f8-b382-404b-bd44-a5583bfe4212", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50692", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-072-12", "content": "", "creation_timestamp": "2025-03-13T11:00:00.000000Z"}, {"uuid": "730d262b-55fd-4afd-b635-26ea74b522af", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50695", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-072-12", "content": "", "creation_timestamp": "2025-03-13T11:00:00.000000Z"}, {"uuid": "ce98e97e-bef1-4f3f-9c3a-102929466526", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50694", "type": "seen", "source": "https://t.me/cvedetector/16349", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-50694 - SunGrow WiNet-SV200 MQTT Stack-Based Buffer Overflow\", \n  \"Content\": \"CVE ID : CVE-2024-50694 \nPublished : Jan. 24, 2025, 11:15 p.m. | 1\u00a0hour, 16\u00a0minutes ago \nDescription : In SunGrow WiNet-SV200.001.00.P027 and earlier versions, when copying the timestamp read from an MQTT message, the underlying code does not check the bounds of the buffer that is used to store the message. This may lead to a stack-based buffer overflow. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"25 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-25T02:07:06.000000Z"}, {"uuid": "902be4cc-e5b6-4c68-82ff-d9a90f8203fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50693", "type": "seen", "source": "https://t.me/cvedetector/18970", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-50693 - SunGrow iSolarCloud IDOR\", \n  \"Content\": \"CVE ID : CVE-2024-50693 \nPublished : Feb. 26, 2025, 9:15 p.m. | 1\u00a0hour, 33\u00a0minutes ago \nDescription : SunGrow iSolarCloud before the October 31, 2024 remediation is vulnerable to insecure direct object references (IDOR) via the userService API model. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"26 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-27T00:19:34.000000Z"}, {"uuid": "0c0f25d6-cfb8-4b90-9d84-bee16e923c15", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50691", "type": "seen", "source": "https://t.me/cvedetector/18969", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-50691 - SunGrow iSolarCloud Man-in-the-Middle Attack\", \n  \"Content\": \"CVE ID : CVE-2024-50691 \nPublished : Feb. 26, 2025, 9:15 p.m. | 1\u00a0hour, 33\u00a0minutes ago \nDescription : SunGrow iSolarCloud Android app V2.1.6.20241104 and prior suffers from Missing SSL Certificate Validation. The app explicitly ignores certificate errors and is vulnerable to MiTM attacks. Attackers can impersonate the iSolarCloud server and communicate with the Android app. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"26 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-27T00:19:31.000000Z"}, {"uuid": "7256e35c-a0a2-4319-8cd0-505af5f7669d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50692", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/3040", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-50692\n\ud83d\udd39 Description: SunGrow WiNet-SV200.001.00.P027 and earlier versions contains hardcoded MQTT credentials that allow an attacker to send arbitrary commands to an arbitrary inverter. It is also possible to impersonate the broker, because TLS is not used to identify the real MQTT broker. This means that MQTT communications are vulnerable to MitM attacks at the TCP/IP level.\n\ud83d\udccf Published: 2025-01-24T00:00:00.000Z\n\ud83d\udccf Modified: 2025-01-24T22:56:35.998Z\n\ud83d\udd17 References:\n1. https://en.sungrowpower.com/security-notice-detail-2/5961", "creation_timestamp": "2025-01-24T23:04:54.000000Z"}, {"uuid": "fe300f75-85ed-4788-aa4d-c6b16c769c99", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50695", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/3036", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-50695\n\ud83d\udd39 Description: SunGrow WiNet-SV200.001.00.P027 and earlier versions is vulnerable to stack-based buffer overflow when parsing MQTT messages, due to missing MQTT topic bounds checks.\n\ud83d\udccf Published: 2025-01-24T00:00:00.000Z\n\ud83d\udccf Modified: 2025-01-24T23:00:21.742Z\n\ud83d\udd17 References:\n1. https://en.sungrowpower.com/security-notice-detail-2/5961", "creation_timestamp": "2025-01-24T23:04:51.000000Z"}, {"uuid": "3f52904e-aff3-47fc-bd9d-8210f89a35fe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50698", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/3041", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-50698\n\ud83d\udd39 Description: SunGrow WiNet-SV200.001.00.P027 and earlier versions is vulnerable to heap-based buffer overflow due to bounds checks of the MQTT message content.\n\ud83d\udccf Published: 2025-01-24T00:00:00.000Z\n\ud83d\udccf Modified: 2025-01-24T23:01:22.613Z\n\ud83d\udd17 References:\n1. https://en.sungrowpower.com/security-notice-detail-2/5961", "creation_timestamp": "2025-01-25T00:05:10.000000Z"}, {"uuid": "398ec94e-2c5f-43ad-b9c4-a7d32e9b21fc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50690", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/3039", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-50690\n\ud83d\udd39 Description: SunGrow WiNet-SV200.001.00.P027 and earlier versions contains a hardcoded password that can be used to decrypt all firmware updates.\n\ud83d\udccf Published: 2025-01-24T00:00:00.000Z\n\ud83d\udccf Modified: 2025-01-24T22:57:30.177Z\n\ud83d\udd17 References:\n1. https://en.sungrowpower.com/security-notice-detail-2/5961", "creation_timestamp": "2025-01-24T23:04:53.000000Z"}, {"uuid": "14918b0c-b4f3-4593-b447-d4cff7848c8f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50696", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/6445", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-50696\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: SunGrow WiNet-S V200.001.00.P025 and earlier versions is missing integrity checks for firmware upgrades. Sending a specific MQTT message allows an update to an inverter or a WiNet connectivity dongle with a bogus firmware file that is located on attacker-controlled server.\n\ud83d\udccf Published: 2025-02-26T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-04T21:09:49.150Z\n\ud83d\udd17 References:\n1. https://en.sungrowpower.com/security-notice-detail-2/6140", "creation_timestamp": "2025-03-04T21:35:57.000000Z"}, {"uuid": "eefd1f02-c9a1-477f-b043-cc704b9bf082", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50694", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/3038", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-50694\n\ud83d\udd39 Description: In SunGrow WiNet-SV200.001.00.P027 and earlier versions, when copying the timestamp read from an MQTT message, the underlying code does not check the bounds of the buffer that is used to store the message. This may lead to a stack-based buffer overflow.\n\ud83d\udccf Published: 2025-01-24T00:00:00.000Z\n\ud83d\udccf Modified: 2025-01-24T22:58:40.424Z\n\ud83d\udd17 References:\n1. https://en.sungrowpower.com/security-notice-detail-2/5961", "creation_timestamp": "2025-01-24T23:04:52.000000Z"}, {"uuid": "0a40ca9f-db5f-4dfe-b355-7a8fa7a2d5c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50697", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/3037", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-50697\n\ud83d\udd39 Description: In SunGrow WiNet-SV200.001.00.P027 and earlier versions, when decrypting MQTT messages, the code that parses specific TLV fields does not have sufficient bounds checks. This may result in a stack-based buffer overflow.\n\ud83d\udccf Published: 2025-01-24T00:00:00.000Z\n\ud83d\udccf Modified: 2025-01-24T22:59:36.437Z\n\ud83d\udd17 References:\n1. https://en.sungrowpower.com/security-notice-detail-2/5961", "creation_timestamp": "2025-01-24T23:04:51.000000Z"}, {"uuid": "881e8d77-96cd-492d-9606-7b4047765675", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50693", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/6442", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-50693\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: SunGrow iSolarCloud before the October 31, 2024 remediation is vulnerable to insecure direct object references (IDOR) via the userService API model.\n\ud83d\udccf Published: 2025-02-26T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-04T21:13:37.985Z\n\ud83d\udd17 References:\n1. https://en.sungrowpower.com/security-notice-detail-2/6120", "creation_timestamp": "2025-03-04T21:35:54.000000Z"}, {"uuid": "3935307f-9fa2-402b-ab01-e1e97aa99208", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50691", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/6441", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-50691\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: SunGrow iSolarCloud Android app V2.1.6.20241104 and prior suffers from Missing SSL Certificate Validation. The app explicitly ignores certificate errors and is vulnerable to MiTM attacks. Attackers can impersonate the iSolarCloud server and communicate with the Android app.\n\ud83d\udccf Published: 2025-02-26T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-04T21:15:45.230Z\n\ud83d\udd17 References:\n1. https://en.sungrowpower.com/security-notice-detail-2/6124", "creation_timestamp": "2025-03-04T21:35:50.000000Z"}, {"uuid": "a5317d6f-d113-4522-89f2-1033d541275f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50699", "type": "seen", "source": "https://t.me/cvedetector/12548", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-50699 - TP-Link TL-WR845N Default Credentials Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-50699 \nPublished : Dec. 10, 2024, 7:15 p.m. | 33\u00a0minutes ago \nDescription : TP-Link TL-WR845N(UN)_V4_201214, TL-WR845N(UN)_V4_200909 and TL-WR845N(UN)_V4_190219 were discovered to contain weak default credentials for the Administrator account. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"10 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-10T20:49:39.000000Z"}, {"uuid": "4d22af52-fa52-4b16-af2c-ee74d14f7e73", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5069", "type": "seen", "source": "Telegram/Ap6CdVrTO5c5fDKGOQKSf9H1zJYnC-JZJJpme98ZCqt8QVJy", "content": "", "creation_timestamp": "2025-02-14T10:03:08.000000Z"}]}