SMA: Directory Traversal in Sunny Boy

VDE-2025-066

Last update

27.08.2025 10:00

Published at

27.08.2025 10:00

Vendor(s)

SMA Solar Technology AG

External ID

VDE-2025-066

CSAF Document

Download

Summary

A security researcher discovered a Directory Traversal vulnerability in Sunny Boy 3, which allows remote attackers to access sensitive information.
The vulnerability is already fixed since January 2021 with version 3.10.27.R.

Impact

An authenticated user can access files and directories outside the intended web root.

Affected Product(s)

Model no.	Product name	Affected versions
SB3.0-1AV-41	Sunny Boy 3.0	Firmware <3.10.27.R
SB3.6-1AV-41	Sunny Boy 3.6	Firmware <3.10.27.R
SB4.0-1AV-41	Sunny Boy 4.0	Firmware <3.10.27.R
SB5.0-1AV-41	Sunny Boy 5.0	Firmware <3.10.27.R
SB6.0-1AV-41	Sunny Boy 6.0	Firmware <3.10.27.R

Vulnerabilities

Expand / Collapse all

Published

24.09.2025 12:42

Severity

6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Weakness

Relative Path Traversal (CWE-23)

Summary

An authorized remote attacker can access files and directories outside the intended web root, potentially exposing sensitive system information of the affected Sunny Boy devices.

References

cve.org | nvd.nist.gov

Remediation

Update Firmware to at least version 3.10.27.R.

Acknowledgments

SMA Solar Technology AG thanks the following parties for their efforts:

CERT@VDE for coordination (see https://certvde.com )
Ahmed Alroky from KOIN Network for reporting

Revision History

Version	Date	Summary
1.0.0	27.08.2025 10:00	Initial revision.

SMA: Directory Traversal in Sunny Boy

Summary

Impact

Affected Product(s)

Vulnerabilities

CVE-2021-4459 6.5

Remediation

Acknowledgments

Revision History