Scaner-VSvulnerability catalog · v4.2

Home Catalog Sources CWE CAPEC ATT&CK Mitigations Products Vendors Docs

← Back to List

Fronius›Operating systemnvd

Galvo 2.5-1 Firmware

Vulnerabilities

2

Known exploited

0

Max CVSS

9.8

Top EPSS

0.02314

Severity breakdown

Critical

1

High

0

Medium

1

Low

0

Affected version ranges

< 3.14.1

Also matched as (raw): galvo_2.5-1_firmware

Top vulnerabilities

CVE-2019-19228Fronius Solar Inverter devices before 3.14.1 (HM 1.12.1) allow attackers to bypass authentication because the password for the today account is stored in the /tmp/web_users.conf file.

CVE-2019-19229admincgi-bin/service.fcgi on Fronius Solar Inverter devices before 3.14.1 (HM 1.12.1) allows action=download&filename= Directory Traversal.

View vendor →Open in catalog with product filter →