VYPR

Data Recorder

by AUO Solar

CVEs (2)

  • CVE-2019-11367CriJun 3, 2019
    risk 0.64cvss 9.8epss 0.03

    An issue was discovered in AUO Solar Data Recorder before 1.3.0. The web portal uses HTTP Basic Authentication and provides the account and password in the WWW-Authenticate attribute. By using this account and password, anyone can login successfully.

  • CVE-2019-11368MedJun 3, 2019
    risk 0.38cvss 5.4epss 0.02

    Stored XSS was discovered in AUO Solar Data Recorder before 1.3.0 via the protect/config.htm addr parameter.