← Back

Sunny Webbox Firmware

sunny_webbox_firmware

Vendor: Sma • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2024-1890
1Sma
1Sunny Webbox Firmware
Mar 11, 2025
Feb 26, 2024
N/A· v4
5.4 MEDIUM· v3
N/A· v2
Vulnerability whereby an attacker could send a malicious link to an authenticated operator, which could allow remote attackers to perform a clickjacking attack on Sunny WebBox firmware version 1.6.1 and earlier.
CVE-2019-13529
1Sma
1Sunny Webbox Firmware
Nov 21, 2024
Oct 9, 2019
N/A· v4
8.8 HIGH· v3
6.8 MEDIUM· v2
An attacker could send a malicious link to an authenticated operator, which may allow remote attackers to perform actions with the permissions of the user on the Sunny WebBox Firmware Version 1.6 and prior. This device u...Show more
An attacker could send a malicious link to an authenticated operator, which may allow remote attackers to perform actions with the permissions of the user on the Sunny WebBox Firmware Version 1.6 and prior. This device uses IP addresses to maintain communication after a successful login, which would increase the ease of exploitation.Show less