Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Kaco-newenergy Subscribe
Filtered by product Xp100u Firmware
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-3252 1 Kaco-newenergy 2 Xp100u, Xp100u Firmware 2021-02-26 5.0 MEDIUM 7.5 HIGH
KACO New Energy XP100U Up to XP-JAVA 2.0 is affected by incorrect access control. Credentials will always be returned in plain-text from the local server during the KACO XP100U authentication process, regardless of whatever passwords have been provided, which leads to an information disclosure vulnerability.