CVE-2019-19228

Fronius Solar Inverter devices before 3.14.1 (HM 1.12.1) allow attackers to bypass authentication because the password for the today account is stored in the /tmp/web_users.conf file.
Configurations

Configuration 1


Information

Published : 2019-12-04 07:15

Updated : 2019-12-16 02:10


NVD link : CVE-2019-19228

Mitre link : CVE-2019-19228

CWE
CWE-312

Cleartext Storage of Sensitive Information