📦 Shine Lan X Firmware
by Growatt
🔍 What is Shine Lan X Firmware?
Description coming soon...
🛡️ Security Overview
Click on a severity to filter vulnerabilities
⚠️ Known Vulnerabilities
The Growatt ShineLan-X communication dongle contains an undocumented backup account with hardcoded credentials, creating a backdoor that allows attackers to access the device's Setting Center with sig...
The SWD debug interface on Growatt ShineLan-X communication dongles is enabled by default, allowing attackers to gain debug access to extract secrets or domains from the device. This affects all users...
CVE-2025-36747 is a critical vulnerability in ShineLan-X firmware where hardcoded FTP credentials allow attackers to establish insecure connections. This enables file replacement attacks since firmwar...
ShineLan-X contains a stored cross-site scripting (XSS) vulnerability in the Plant Name field that allows attackers to inject malicious HTML/JavaScript payloads. When exploited, this can execute arbit...
ShineLan-X's local configuration web server has a stored XSS vulnerability in the communication module settings center. Attackers can inject malicious JavaScript that executes in legitimate users' bro...