Hamid Rahmouni

**Name of the Vulnerable Software and Affected Versions** ShineLan-X (affected versions not specified) **Description** The software contains a stored cross site scripting (XSS) issue in the `Plant Name` field. A malicious HTML payload can be displayed on the plant management page through a direct post, potentially allowing an attacker to execute malicious code within a legitimate user's browser. The issue involves the injection of a crafted payload via the `Plant Name` field. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** ShineLan-X version 3.6.0.0 **Description** The firmware for ShineLan-X contains hard-coded credentials for an FTP server, enabling insecure FTP connections. This allows an attacker to replace legitimate files with malicious versions, as firmware signature verification is not enforced. **Recommendations** Restrict access to the FTP server. Apply a patch to address the hard-coded credentials.

**Name of the Vulnerable Software and Affected Versions** ShineLan-X (affected versions not specified) **Description** The software contains a stored cross site scripting (XSS) issue within the local configuration web server. An attacker could inject a JavaScript code snippet into the settings center of the communication module. This could lead to the execution of malicious code within a legitimate user's browser. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** versions prior to 2025 (affected versions not specified) **Description** The authentication mechanism on the web interface is flawed, allowing bypass of authentication checks through crafted POST requests with new settings. This is due to the absence of session tokens or authentication measures. An attacker could redirect the device to an arbitrary address for domain name resolution, potentially enabling a man-in-the-middle (MitM) attack. The vulnerability involves crafting a POST request to manipulate settings without proper authentication. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Growatt ShineLan-X communication dongle (affected versions not specified) **Description** The Growatt ShineLan-X communication dongle contains an undocumented backup account with undocumented credentials. This allows significant access to the device, including access to the Setting Center, effectively creating a backdoor for devices utilizing the dongle. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Growatt ShineLan-X communication dongle (affected versions not specified) **Description** The SWD debug interface on the device is enabled by default. This allows an attacker to gain debug access, potentially enabling the extraction of sensitive information such as secrets or domains stored within the device. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** SolarEdge SE3680H (affected versions not specified) **Description** The SolarEdge SE3680H device has a debug/test interface that is accessible without authentication. This allows unauthorized individuals to view internal system information and execute debug commands. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.