22 matches found
EUVD-2019-8855
Malware in sbrugna...
EUVD-2019-8854
Malware in sbrugna...
CVE-2019-19229
admincgi-bin/service.fcgi on Fronius Solar Inverter devices before 3.14.1 HM 1.12.1 allows action=download= Directory Traversal...
CVE-2019-19228
Fronius Solar Inverter devices before 3.14.1 HM 1.12.1 allow attackers to bypass authentication because the password for the today account is stored in the /tmp/webusers.conf file...
Cross site request forgery (csrf)
An issue in Fronius Datalogger Web v.2.0.5-4, allows remote attackers to obtain sensitive information via a crafted request...
PT-2024-12648 · Fronius · Fronius Datalogger Web
Name of the Vulnerable Software and Affected Versions: Fronius Datalogger Web version 2.0.5-4 Description: An issue in the software allows remote attackers to obtain sensitive information via a crafted request. Recommendations: For version 2.0.5-4, at the moment, there is no information about a...
Number withdrawn
Fronius Datalogger Web is Fronius' integrated WLAN datalogger for a variety of applications. This CVE number has been withdrawn...
CVE-2019-19229
admincgi-bin/service.fcgi on Fronius Solar Inverter devices before 3.14.1 HM 1.12.1 allows action=download&filename= Directory Traversal...
CVE-2019-19229
admincgi-bin/service.fcgi on Fronius Solar Inverter devices before 3.14.1 HM 1.12.1 allows action=download&filename= Directory Traversal...
CVE-2019-19228
Fronius Solar Inverter devices before 3.14.1 HM 1.12.1 allow attackers to bypass authentication because the password for the today account is stored in the /tmp/webusers.conf file...
CVE-2019-19228
Fronius Solar Inverter devices before 3.14.1 HM 1.12.1 allow attackers to bypass authentication because the password for the today account is stored in the /tmp/webusers.conf file...
Authentication flaw
Fronius Solar Inverter devices before 3.14.1 HM 1.12.1 allow attackers to bypass authentication because the password for the today account is stored in the /tmp/webusers.conf file...
Directory traversal
admincgi-bin/service.fcgi on Fronius Solar Inverter devices before 3.14.1 HM 1.12.1 allows action=download&filename= Directory Traversal...
CVE-2019-19228
Fronius Solar Inverter devices before 3.14.1 HM 1.12.1 allow attackers to bypass authentication because the password for the today account is stored in the /tmp/webusers.conf file...
CVE-2019-19228
CVE-2019-19228 (and related CVE-2019-19229) affect Fronius Solar Inverter devices prior to version 3.14.1 (HM 1.12.1). The root cause is a credential handling flaw where the password for the today account is stored in /tmp/web_users.conf, enabling bypass of authentication. Related entry CVE-2019-...
CVE-2019-19229
admincgi-bin/service.fcgi on Fronius Solar Inverter devices before 3.14.1 HM 1.12.1 allows action=download&filename= Directory Traversal...
CVE-2019-19229
CVE-2019-19229 affects Fronius Solar Inverter devices prior to 3.14.1 (HM 1.12.1). The vulnerability resides in the admincgi-bin/service.fcgi endpoint and is a Directory Traversal flaw triggered by action=download&filename=, potentially exposing restricted files. Explicit exploit details are not ...
Fronius Solar Inverter Series Path Traversal Vulnerability
The Fronius Solar Inverter is a photovoltaic inverter device from the Austrian company Fronius. A path traversal vulnerability exists in admincgi-bin/service.fcgi in versions prior to Fronius Solar Inverter 3.14.1 HM 1.12.1. The vulnerability stems from a failure of a network system or product to...
Fronius Solar Inverter Series Insecure Communication / Path Traversal
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple vulnerabilites product: Fronius Solar Inverter Series vulnerable version: SW Version =3.14.1 vuln 2: 3.12.5 - HM 1.10.5, see solution section below CVE number:...
Fronius Solar Inverter Series Backdoor Account Vulnerability
The Fronius Solar Inverter is a photovoltaic inverter device from the Austrian company Fronius. A security vulnerability exists in Fronius Solar Inverter versions prior to 3.14.1 HM 1.12.1, which stems from the program storing the 'today' account password in the /tmp/webusers.conf file. An attack...