CVE-2025-29757

Sažetak

An incorrect authorisation check in the the 'plant transfer' function of the Growatt cloud service allowed a malicous attacker with a valid account to transfer any plant into his/her account.

Reference

https://csirt.divd.nl/CVE-2025-29757
https://csirt.divd.nl/DIVD-2025-00011
https://oss.growatt.com
https://server.growatt.com

CVSS

Base:	0.0
Impact:	None
Exploitability:	None

Pristup

Vektor	Složenost	Autentikacija
None	None	None

Impact

Povjerljivost	Cjelovitost	Dostupnost
None	None	None

CVSS vektor

None

Zadnje važnije ažuriranje

22-07-2025 - 13:06

Objavljeno

19-07-2025 - 06:15