← volver
CVE-2025-15574

Insecure Credential Generation for Solax Power Pocket WiFi models MQTT Cloud Connection

CVSS 6.5 MEDIUMEPSS 0.2%CWE-330
Vexday Risk Score
13Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS 6.5EPSS 0.2%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
12 feb 2026Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
When connecting to the Solax Cloud MQTT server the username is the "registration number", which is the 10 character string printed on the SolaX Power Pocket device / the QR code on the device. The password is derived from the "registration number" using a proprietary XOR/transposition algorithm. Attackers with the knowledge of the registration numbers can connect to the MQTT server and impersonate the dongle / inverters.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Productos afectados
SolaX Power · Pocket WiFi 3.0SolaX Power · Pocket WiFi 4.0SolaX Power · Pocket WiFi+4GMSolaX Power · Pocket WiFi+LANSolaX Power · Pocket WiFi+LAN 2.0

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://r.sec-consult.com/solax