Shoutcast Server 2.6.0.753 Crash Vulnerability

Shoutcast server version 2.6.0.753 suffers from a remote authenticated crash vulnerability. Shoutcast Server Remote Authenticated Crash ===== Intro ===== Shoutcast Server crashes after failing to handle a non-existent option recieved from a client in an ADMINCGI request. Requires auth to reproduc...

Shoutcast Server 2.6.0.753 Crash

Shoutcast Server Remote Authenticated Crash ===== Intro ===== Shoutcast Server crashes after failing to handle a non-existent option recieved from a client in an ADMINCGI request. Requires auth to reproduce, so not super exciting but Shoutcast is an old favorite and the minimization of the repro ...

Directory traversal

admincgi-bin/service.fcgi on Fronius Solar Inverter devices before 3.14.1 HM 1.12.1 allows action=download&filename= Directory Traversal...

CVE-2019-19229

CVE-2019-19229 affects Fronius Solar Inverter devices prior to 3.14.1 (HM 1.12.1). The vulnerability resides in the admincgi-bin/service.fcgi endpoint and is a Directory Traversal flaw triggered by action=download&filename=, potentially exposing restricted files. Explicit exploit details are not ...

Fronius Solar Inverter Series Path Traversal Vulnerability

The Fronius Solar Inverter is a photovoltaic inverter device from the Austrian company Fronius. A path traversal vulnerability exists in admincgi-bin/service.fcgi in versions prior to Fronius Solar Inverter 3.14.1 HM 1.12.1. The vulnerability stems from a failure of a network system or product to...