CVE-2025-36752

Growatt ShineLan-X communication dongle has an undocumented backup account with undocumented credentials which allows significant level access to the device, such as allowing any attacker to access the Setting Center. This means that this is effectively backdoor for all devices utilizing a Growatt ShineLan-X communication dongle.

CVSS v3 9.8 CRITICAL

9.8^/10

CVSS v3 : CRITICAL

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://csirt.divd.nl/CVE-2025-36752/	Third Party Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:growatt:shine_lan-x_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:growatt:shine_lan-x:-:*:*:*:*:*:*:*

History

14 Jan 2026, 18:05

Type	Values Removed	Values Added
CPE		cpe:2.3:o:growatt:shine_lan-x_firmware:::::::: cpe:2.3:h:growatt:shine_lan-x:-:::::::*
First Time		Growatt shine Lan-x Firmware Growatt Growatt shine Lan-x
References	~~() https://csirt.divd.nl/CVE-2025-36752/ -~~	() https://csirt.divd.nl/CVE-2025-36752/ - Third Party Advisory
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 9.8

13 Dec 2025, 16:16

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-12-13 16:16

Updated : 2026-01-14 18:05

NVD link : CVE-2025-36752

Mitre link : CVE-2025-36752

CVE.ORG link : CVE-2025-36752

JSON object : View

Products Affected

growatt

shine_lan-x
shine_lan-x_firmware

CWE

CWE-798

Use of Hard-coded Credentials

{"id": "CVE-2025-36752", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}], "cvssMetricV40": [{"type": "Secondary", "source": "csirt@divd.nl", "cvssData": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 9.4, "Automatable": "NOT_DEFINED", "attackVector": "ADJACENT", "baseSeverity": "CRITICAL", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "subAvailabilityImpact": "HIGH", "vulnAvailabilityImpact": "HIGH", "availabilityRequirement": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subConfidentialityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED"}}]}, "published": "2025-12-13T16:16:54.300", "references": [{"url": "https://csirt.divd.nl/CVE-2025-36752/", "tags": ["Third Party Advisory"], "source": "csirt@divd.nl"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "csirt@divd.nl", "description": [{"lang": "en", "value": "CWE-798"}]}], "descriptions": [{"lang": "en", "value": "Growatt ShineLan-X communication dongle has an undocumented backup account with undocumented\u00a0credentials\u00a0which\u00a0allows significant level access to the device, such as\u00a0allowing any attacker to access the Setting\u00a0Center. This means that this is effectively backdoor for all devices utilizing a Growatt ShineLan-X communication dongle."}], "lastModified": "2026-01-14T18:05:00.300", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:growatt:shine_lan-x_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1176EDB4-C08F-4592-8C16-321A8A0539C4", "versionEndExcluding": "3.6.0.2", "versionStartIncluding": "3.6.0.0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:growatt:shine_lan-x:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "DD537AAA-F836-496A-BC05-6CAED38FB271"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "csirt@divd.nl"}