CVE-2019-13529 - AskarLabs CVE Database

CVE-2019-13529

Vendor Sma Solar Technology Ag

Product Sunny WebBox

Weakness CWE-352 · CSRF

Published October 9, 2019

Last update August 4, 2024

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

An attacker could send a malicious link to an authenticated operator, which may allow remote attackers to perform actions with the permissions of the user on the Sunny WebBox Firmware Version 1.6 and prior. This device uses IP addresses to maintain communication after a successful login, which would increase the ease of exploitation.

Key dates

02Disclosure timeline

October 9, 2019 CVE published

August 4, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2019-13529 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/352.html

Related vulnerabilities

04Related CVE

CVE-2021-40335 Cross Site Request Forgery (CSRF) in Hitachi Energy’s MSM Product CVE-2025-23821 WordPress WP Cookies Alert plugin <= 1.1.1 - CSRF to Stored XSS vulnerability CVE-2022-46865 WordPress Bulk Resize Media Plugin <= 1.1 is vulnerable to Cross Site Request Forgery (CSRF) CVE-2025-31807 WordPress Product Notices for WooCommerce plugin <= 1.3.4 - Cross Site Request Forgery (CSRF) vulnerability CVE-2019-25238 V-SOL GPON/EPON OLT Platform 2.03 Cross-Site Request Forgery Vulnerability