Fronius Datamanager Box 2.0 Firmware vulnerabilities
2 known vulnerabilities affecting fronius/datamanager_box_2.0_firmware.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2019-19228P2CRITICALCVSS 9.8fixed in 3.14.12019-12-04
CVE-2019-19228 [CRITICAL] CWE-312 CVE-2019-19228: Fronius Solar Inverter devices before 3.14.1 (HM 1.12.1) allow attackers to bypass authentication be
Fronius Solar Inverter devices before 3.14.1 (HM 1.12.1) allow attackers to bypass authentication because the password for the today account is stored in the /tmp/web_users.conf file.
nvd
CVE-2019-19229P3MEDIUMCVSS 6.5fixed in 3.14.12019-12-04
CVE-2019-19229 [MEDIUM] CWE-22 CVE-2019-19229: admincgi-bin/service.fcgi on Fronius Solar Inverter devices before 3.14.1 (HM 1.12.1) allows action=
admincgi-bin/service.fcgi on Fronius Solar Inverter devices before 3.14.1 (HM 1.12.1) allows action=download&filename= Directory Traversal.
nvd