Vulnerabilities
Vulnerable Software
Growatt:  Security Vulnerabilities
An authenticated attacker can achieve stored XSS by exploiting improper sanitization of the plant name value while adding or editing a plant.
CVSS Score
8.7
EPSS Score
0.003
Published
2025-04-15
An unauthenticated attacker can get users' emails by knowing usernames. A password reset email will be sent in response to this unsolicited request.
CVSS Score
6.9
EPSS Score
0.004
Published
2025-04-15
Unauthenticated attackers can obtain restricted information about a user's smart device collections (i.e., "rooms").
CVSS Score
6.9
EPSS Score
0.004
Published
2025-04-15
An attacker can change registered email addresses of other users and take over arbitrary accounts.
CVSS Score
6.9
EPSS Score
0.008
Published
2025-04-15
An unauthenticated attacker can infer the existence of usernames in the system by querying an API.
CVSS Score
6.9
EPSS Score
0.004
Published
2025-04-15


Contact Us

Shodan ® - All rights reserved