CVE-2024-8893
HIGHGoodWe Technologies Co., Ltd. GW1500-XS - Info Disclosure
Title source: llmDescription
Use of Hard-coded Credentials vulnerability in GoodWe Technologies Co., Ltd. GW1500‑XS allows anyone in physical proximity to the device to fully access the web interface of the inverter via Wi‑Fi.This issue affects GW1500‑XS: 1.1.2.1.
References (1)
Core 1
Core References
Various Sources
https://os-s.net/publications/advisories/CVE-2024-8893.pdf
Scores
CVSS v3
7.3
EPSS
0.0027
EPSS Percentile
18.8%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
yes
Technical Impact
partial
Details
CWE
CWE-798
Status
published
Products (1)
GoodWe Technologies Co., Ltd./GW1500‑XS
1.1.2.1
Published
Feb 14, 2025
Tracked Since
Feb 18, 2026