{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-17T03:54:21.250","vulnerabilities":[{"cve":{"id":"CVE-2025-15574","sourceIdentifier":"551230f0-3615-47bd-b7cc-93e92e730bbf","published":"2026-02-12T11:15:49.117","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"When connecting to the Solax Cloud MQTT server the username is the \"registration number\", which is the 10 character string printed on the SolaX Power Pocket device / the QR code on the device. The password is derived from the \"registration number\" using a proprietary XOR/transposition algorithm. Attackers with the knowledge of the registration numbers can connect to the MQTT server and impersonate the dongle / inverters."},{"lang":"es","value":"Al conectarse al servidor MQTT de Solax Cloud, el nombre de usuario es el 'número de registro', que es la cadena de 10 caracteres impresa en el dispositivo SolaX Power Pocket / el código QR del dispositivo. La contraseña se deriva del 'número de registro' utilizando un algoritmo propietario de XOR/transposición. Atacantes con conocimiento de los números de registro pueden conectarse al servidor MQTT e suplantar el dongle / los inversores."}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":2.5}]},"weaknesses":[{"source":"551230f0-3615-47bd-b7cc-93e92e730bbf","type":"Secondary","description":[{"lang":"en","value":"CWE-330"}]}],"references":[{"url":"https://r.sec-consult.com/solax","source":"551230f0-3615-47bd-b7cc-93e92e730bbf"}]}}]}