CVE-2025-36756
Severity CVSS v4.0:
MEDIUM
Type:
CWE-306
Missing Authentication for Critical Function
Publication date:
10/09/2025
Last modified:
11/09/2025
Description
A problem with missing authorization on SolaX Cloud platform allows taking over any SolaX solarpanel inverter of which the serial number is known.