Required CVE Record Information
Description
admincgi-bin/service.fcgi on Fronius Solar Inverter devices before 3.14.1 (HM 1.12.1) allows action=download&filename= Directory Traversal.
References 3 Total
Updated:
This container includes required additional information provided by the CVE Program for this vulnerability.
References 3 Total
- https://seclists.org/bugtraq/2019/Dec/5 x_transferred
- https://sec-consult.com/en/blog/advisories/multiple-vulnerabilites-in-fronius-solar-inverter-series-cve-2019-19229-cve-2019-19228/ x_transferred
- http://packetstormsecurity.com/files/155562/Fronius-Solar-Inverter-Series-Insecure-Communication-Path-Traversal.html x_transferred