Auo Solar Data Recorder vulnerabilities
2 known vulnerabilities affecting auo/solar_data_recorder.
Total CVEs
2
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
CRITICAL1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2019-11367P3CRITICALCVSS 9.8fixed in 1.3.02019-06-03
CVE-2019-11367 [CRITICAL] CWE-311 CVE-2019-11367: An issue was discovered in AUO Solar Data Recorder before 1.3.0. The web portal uses HTTP Basic Auth
An issue was discovered in AUO Solar Data Recorder before 1.3.0. The web portal uses HTTP Basic Authentication and provides the account and password in the WWW-Authenticate attribute. By using this account and password, anyone can login successfully.
nvd
CVE-2019-11368P4MEDIUMCVSS 5.4PoCfixed in 1.3.02019-06-03
CVE-2019-11368 [MEDIUM] CWE-79 CVE-2019-11368: Stored XSS was discovered in AUO Solar Data Recorder before 1.3.0 via the protect/config.htm addr pa
Stored XSS was discovered in AUO Solar Data Recorder before 1.3.0 via the protect/config.htm addr parameter.
nvd