Vulnerabilities (CVE)

Filtered by vendor Kaco-newenergy Subscribe
Filtered by product Xp100u
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-3252 1 Kaco-newenergy 2 Xp100u, Xp100u Firmware 2024-02-04 5.0 MEDIUM 7.5 HIGH
KACO New Energy XP100U Up to XP-JAVA 2.0 is affected by incorrect access control. Credentials will always be returned in plain-text from the local server during the KACO XP100U authentication process, regardless of whatever passwords have been provided, which leads to an information disclosure vulnerability.