CNNVD-202506-1584 Information

CNNVD ID

CNNVD-202506-1584

Related CVE

CVE-2025-29756

• CNNVD Published: 2025-06-11

Description (Chinese)

Sungrow iSolarCloud（阳光云）是中国阳光电源（Sungrow）公司的一款用于监控和管理光伏电站的软件。 Sungrow iSolarCloud存在安全漏洞，该漏洞源于MQTT服务限制不足，可能导致订阅任意主题并解密所有消息。

Description (English)

Sungrow i SolarClaud (Sunlight Cloud) is a software for monitoring and managing photovoltaic power plants in China Sunshine Power (Sungrow). There is a security loophole in Sungrow i SolarClaud, which stems from inadequate MQTT service restrictions, which may lead to subscription to any theme and decryption of all messages.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

阳光电源

Published

2025-06-11

Last Modified

2026-02-24

References

https://csirt.divd.nl/CVE-2025-29756 https://isolarcloud.com https://csirt.divd.nl/DIVD-2025-00009 https://nvd.nist.gov/vuln/detail/CVE-2025-29756

Patch

https://en.sungrowpower.com/productDetail/987/cloud-platform-isolarcloud