← voltar
CVE-2025-15574

Insecure Credential Generation for Solax Power Pocket WiFi models MQTT Cloud Connection

CVSS 6.5 MEDIUMEPSS 0.2%CWE-330
Vexday Risk Score
13Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS 6.5EPSS 0.2%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
12 fev 2026Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
When connecting to the Solax Cloud MQTT server the username is the "registration number", which is the 10 character string printed on the SolaX Power Pocket device / the QR code on the device. The password is derived from the "registration number" using a proprietary XOR/transposition algorithm. Attackers with the knowledge of the registration numbers can connect to the MQTT server and impersonate the dongle / inverters.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Produtos afetados
SolaX Power · Pocket WiFi 3.0SolaX Power · Pocket WiFi 4.0SolaX Power · Pocket WiFi+4GMSolaX Power · Pocket WiFi+LANSolaX Power · Pocket WiFi+LAN 2.0

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://r.sec-consult.com/solax