Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4
CVSSv2

CVE-2019-19229

Published: 04/12/2019 Updated: 16/12/2019
CVSS v2 Base Score: 4 | Impact Score: 2.9 | Exploitability Score: 8
CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8
VMScore: 356
Vector: AV:N/AC:L/Au:S/C:P/I:N/A:N
Subscribe to Fronius

Vulnerability Summary

admincgi-bin/service.fcgi on Fronius Solar Inverter devices prior to 3.14.1 (HM 1.12.1) allows action=download&filename= Directory Traversal.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

fronius datamanager_box_2.0_firmware

fronius eco_25.0-3-s_firmware

fronius eco_27.0-3-s_firmware

fronius galvo_1.5-1_firmware

fronius galvo_1.5-1_208-240_firmware

fronius galvo_2.0-1_firmware

fronius galvo_2.0-1_208-240_firmware

fronius galvo_2.5-1_firmware

fronius galvo_2.5-1_208-240_firmware

fronius galvo_3.0-1_firmware

fronius galvo_3.1-1_firmware

fronius galvo_3.1-1_208-240_firmware

fronius primo_10.0-1_208-240_firmware

fronius primo_11.4-1_208-240_firmware

fronius primo_12.5-1_208-240_firmware

fronius primo_15.0-1_208-240_firmware

fronius primo_3.0-1_firmware

fronius primo_3.5-1_firmware

fronius primo_3.6-1_firmware

fronius primo_3.8-1_208-240_firmware

fronius primo_4.0-1_firmware

fronius primo_4.6-1_firmware

fronius primo_5.0-1_firmware

fronius primo_5.0-1_208-240_firmware

fronius primo_5.0-1_aus_firmware

fronius primo_5.0-1_sc_firmware

fronius primo_6.0-1_firmware

fronius primo_6.0-1_208-240_firmware

fronius primo_7.6-1_208-240_firmware

fronius primo_8.2-1_firmware

fronius primo_8.2-1_208-240_firmware

fronius symo_10.0-3-m_firmware

fronius symo_10.0-3-m-os_firmware

fronius symo_10.0-3_208-240_firmware

fronius symo_10.0-3_480_firmware

fronius symo_12.0-3_208-240_firmware

fronius symo_12.5-3-m_firmware

fronius symo_12.5-3_480_firmware

fronius symo_15.0-3-m_firmware

fronius symo_15.0-3_107_firmware

fronius symo_15.0-3_480_firmware

fronius symo_17.5-3-m_firmware

fronius symo_17.5-3_480_firmware

fronius symo_20.0-3-m_firmware

fronius symo_20.0-3_480_firmware

fronius symo_22.7-3_480_firmware

fronius symo_24.0-3_480_firmware

fronius symo_3.0-3-m_firmware

fronius symo_3.0-3-s_firmware

fronius symo_3.7-3-m_firmware

fronius symo_3.7-3-s_firmware

fronius symo_4.5-3-m_firmware

fronius symo_4.5-3-s_firmware

fronius symo_5.0-3-m_firmware

fronius symo_6.0-3-m_firmware

fronius symo_7.0-3-m_firmware

fronius symo_8.2-3-m_firmware

fronius symo_advanced_10.0-3_208-240_firmware

fronius symo_advanced_12.0-3_208-240_firmware

fronius symo_advanced_15.0-3_480_firmware

fronius symo_advanced_20.0-3_480_firmware

fronius symo_advanced_22.7-3_480_firmware

fronius symo_advanced_24.0-3_480_firmware

fronius symo_hybrid_3.0-3-m_firmware

fronius symo_hybrid_4.0-3-m_firmware

fronius symo_hybrid_5.0-3-m_firmware

Exploits

Exploit DB: Fronius Solar Inverter Series Insecure Communication / Path Traversal
Fronius Solar Inverter Series with software versions below 3141 (HM 1121) suffer from unencrypted communication and path traversal vulnerabilities ...

References

CWE-22https://seclists.org/bugtraq/2019/Dec/5https://sec-consult.com/en/blog/advisories/multiple-vulnerabilites-in-fronius-solar-inverter-series-cve-2019-19229-cve-2019-19228/http://packetstormsecurity.com/files/155562/Fronius-Solar-Inverter-Series-Insecure-Communication-Path-Traversal.htmlhttps://nvd.nist.govhttps://packetstormsecurity.com/files/155562/Fronius-Solar-Inverter-Series-Insecure-Communication-Path-Traversal.html
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27975CVE-2024-2961CVE-2024-20380XML injectionHTML injectionCVE-2024-29204CVE-2023-51795memory leakCVE-2024-3470
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook