Lucene search

K
nvd[email protected]NVD:CVE-2023-46509
HistoryOct 27, 2023 - 9:15 p.m.

CVE-2023-46509

2023-10-2721:15:09
web.nvd.nist.gov
cve-2023-46509
contec solarview
arbitrary code execution

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.7

Confidence

High

EPSS

0.001

Percentile

48.9%

An issue in Contec SolarView Compact v.6.0 and before allows an attacker to execute arbitrary code via the texteditor.php component.

Affected configurations

NVD
Node
contecsolarview_compact_firmwareRange6.0
AND
contecsolarview_compactMatch-

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.7

Confidence

High

EPSS

0.001

Percentile

48.9%

Related for NVD:CVE-2023-46509