CVE-2025-15574

CVE-2025-15574: Insecure Credential Generation for Solax Power Pocket WiFi models MQTT Cloud Connection

Vendor Solax Power
Product Pocket WiFi 3.0
Weakness CWE-330 · Insufficient randomness
Published February 12, 2026
Last update February 12, 2026

CVSS base score

What the vulnerability does

01Description

When connecting to the Solax Cloud MQTT server the username is the "registration number", which is the 10 character string printed on the SolaX Power Pocket device / the QR code on the device. The password is derived from the "registration number" using a proprietary XOR/transposition algorithm. Attackers with the knowledge of the registration numbers can connect to the MQTT server and impersonate the dongle / inverters.

Key dates

02Disclosure timeline

February 12, 2026 CVE published
February 12, 2026 Record updated