Authentication Bypass Vulnerability in SolaX Cloud by SolaX
CVE-2025-36757

6.3MEDIUM

Key Information:

Vendor: Solax Power
Status: Solax Cloud
Vendor: CVE Published:; 10 September 2025

🔔 Create Solax Power Vulnerability Alert

What is CVE-2025-36757?

A vulnerability in SolaX Cloud allows attackers to bypass the administrator login screen through parameter tampering. This weakness can facilitate unauthorized access, enabling an attacker to exploit the system's limited functionality without proper authentication. Organizations using SolaX Cloud should take immediate action to mitigate the risk associated with this vulnerability.

Affected Version(s)

SolaX Cloud before 27-06-2025

References

https://csirt.divd.nl/CVE-2025-36757

third-party-advisory

https://csirt.divd.nl/DIVD-2025-00015

third-party-advisory

CVSS V4

Score:

6.3

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 10, 2025
Vulnerability Reserved
Apr 15, 2025

Credit

Humza Ahmad

Max van der Horst