Critical severity9.8NVD Advisory· Published Dec 4, 2019· Updated Jun 17, 2026
CVE-2019-19228
CVE-2019-19228
Description
Fronius Solar Inverter devices before 3.14.1 (HM 1.12.1) allow attackers to bypass authentication because the password for the today account is stored in the /tmp/web_users.conf file.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Fronius/Solar Inverterdescription
- Range: <3.14.1 (HM 1.12.1)
Patches
Vulnerability mechanics
References
3- packetstormsecurity.com/files/155562/Fronius-Solar-Inverter-Series-Insecure-Communication-Path-Traversal.htmlnvdExploitThird Party AdvisoryVDB Entry
- sec-consult.com/en/blog/advisories/multiple-vulnerabilites-in-fronius-solar-inverter-series-cve-2019-19229-cve-2019-19228/nvdExploitThird Party Advisory
- seclists.org/bugtraq/2019/Dec/5nvdExploitMailing ListThird Party Advisory
News mentions
0No linked articles in our index yet.