cvedb.io
CVE-2019-13529
HIGH · CVSS 8.8
EPSS exploitation probability: 0%
Published 2019-10-09T16:15:14.310 · Last modified 2026-07-13T17:16:27.167

Summary

An attacker could send a malicious link to an authenticated operator, which may allow remote attackers to perform actions with the permissions of the user on the Sunny WebBox Firmware Version 1.6 and prior. This device uses IP addresses to maintain communication after a successful login, which would increase the ease of exploitation.

Affected products

sma — sunny_webbox_firmware

Does this affect you?

Add your gear to cvedb and we'll alert you only when sma ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.