Browse all 4 CVE security advisories affecting SENEC. AI-powered Chinese analysis, POCs, and references for each vulnerability.
SENEC develops energy storage systems for residential and commercial use, enabling solar energy self-consumption and grid independence. Historically, their products have faced vulnerabilities including remote code execution, cross-site scripting, and privilege escalation, often stemming from exposed web interfaces and default credentials. Security researchers have identified authentication bypass flaws and insecure firmware updates in multiple SENEC devices, though no major public incidents have been widely reported. The company's CVE history reflects typical IoT security challenges, with vulnerabilities primarily affecting administrative interfaces and communication protocols, highlighting ongoing risks in connected energy infrastructure management.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2023-39171 | SENEC Storage Box V1,V2 and V3 accidentially expose a management interface — Storage Box V1CWE-668 | 7.2 | High | 2023-12-07 |
| CVE-2023-39169 | SENEC: Storage Box V1,V2 and V3 using default credentials — Storage Box V1CWE-798 | 9.8 | Critical | 2023-12-07 |
| CVE-2023-39167 | SENEC: Storage Box V1,V2 and V3 affected by improper access control vulnerability — Storage Box V1CWE-862 | 7.5 | High | 2023-12-07 |
| CVE-2023-39172 | SENEC: Storage Box V1,V2 and V3 transmitting sensitive data unencrypted — Storage Box V1CWE-319 | 9.1 | Critical | 2023-12-07 |
This page lists every published CVE security advisory associated with SENEC. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.