Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Enphase — Vulnerabilities & Security Advisories 6

Browse all 6 CVE security advisories affecting Enphase. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Enphase develops solar microinverter systems and energy management technology for residential and commercial use. Historically, their products have faced vulnerabilities including remote code execution, cross-site scripting, and privilege escalation, often stemming from web interfaces and API endpoints. The company maintains a moderate security posture with six CVEs recorded, primarily affecting older firmware versions. While no major public security incidents have been documented, researchers have identified authentication bypass flaws and insecure default configurations in their systems. Enphase has shown improvement in patch management for recent releases, though legacy devices may remain exposed to known exploits if not properly updated.

Found 5 results / 6Clear Filters
Top products by Enphase: Envoy IQ Gateway
CVE IDTitleCVSSSeverityPublished
CVE-2024-21879 URL parameter manipulations allows an authenticated attacker to execute arbitrary OS commands in Enphase IQ Gateway v4.x to v8.x and < v8.2.4225 — EnvoyCWE-77 8.8AIHighAI2024-08-10
CVE-2024-21878 Command Injection through Unsafe File Name Evaluation in internal script in Enphase IQ Gateway v4.x to and including 8.x — EnvoyCWE-77 8.8AIHighAI2024-08-10
CVE-2024-21877 Insecure File Generation Based on User Input in Enphase IQ Gateway version 4.x to 8.x and < 8.2.4225 — EnvoyCWE-22 8.1AIHighAI2024-08-10
CVE-2024-21881 Upload of encrypted packages allows authenticated command execution in Enphase IQ Gateway v4.x and v5.x — EnvoyCWE-326 8.8AIHighAI2024-08-10
CVE-2024-21880 URL parameter manipulations allows an authenticated attacker to execute arbitrary OS commands in Enphase IQ Gateway version 4.x <= 7.x — EnvoyCWE-77 8.8AIHighAI2024-08-10

This page lists every published CVE security advisory associated with Enphase. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.