Product
growatt shine lan x firmware
5 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2025-36753
CVE-2025-36752
CVE-2025-36750
CVE-2025-36748
CVE-2025-36747
>= 3.6.0.0 and < 3.6.0.2
The SWD debug interface on the Growatt ShineLan-X communication dongle is available by default, allowing an attacker to attain deb
>= 3.6.0.0 and < 3.6.0.2
Growatt ShineLan-X communication dongle has an undocumented backup account with undocumented credentials which allows significa
>= 3.6.0.0 and < 3.6.0.2
ShineLan-X contains a stored cross site scripting (XSS) vulnerability in the Plant Name field. A HTML payload will be displayed
>= 3.6.0.0 and < 3.6.0.2
ShineLan-X contains a stored cross site scripting (XSS) vulnerability in the local configuration web server. The JavaScript code
>= 3.6.0.0 and < 3.6.0.2
ShineLan-X contains a set of credentials for an FTP server was found within the firmware, allowing testers to establish an insec