CVE-2022-40881

SolarView Compact 6.00 was discovered to contain a command injection vulnerability via networktest.php...

Command injection

SolarView Compact 6.00 was discovered to contain a command injection vulnerability via networktest.php...

Contec SolarView Compact 命令注入漏洞

Contec SolarView Compact is an application system from Contec Japan. It provides a photovoltaic power measurement system. A security vulnerability exists in Contec SolarView Compact version 6.00, which can be exploited by an attacker to inject via the command networktest.php...

CVE-2022-40881

SolarView Compact 6.00 was discovered to contain a command injection vulnerability via networktest.php...

CVE-2022-40881

CVE-2022-40881 affects SolarView Compact 6.00 (CONTEC) with a remote command-injection via the web server page network_test.php. Multiple connected sources confirm an OS command injection vulnerability on the product’s web interface (CWE-78) that allows an attacker to execute arbitrary commands o...

CVE-2022-40881

SolarView Compact 6.00 was discovered to contain a command injection vulnerability via networktest.php...

CVE-2022-27583

A remote unprivileged attacker can interact with the configuration interface of a Flexi-Compact FLX3-CPUC1 or FLX3-CPUC2 running an affected firmware version to potentially impact the availability of the FlexiCompact...

Design/Logic Flaw

A remote unprivileged attacker can interact with the configuration interface of a Flexi-Compact FLX3-CPUC1 or FLX3-CPUC2 running an affected firmware version to potentially impact the availability of the FlexiCompact...

SICK Flexi Compact 安全漏洞

SICK Flexi Compact is a safety controller from SICK Germany. A security vulnerability exists in the SICK Flexi Compact FLX3-CPUC1 and FLX3-CPUC2, which arises from a remote, unprivileged attacker being able to interact with the running configuration interface thereby potentially affecting the...

CVE-2022-27583

A remote unprivileged attacker can interact with the configuration interface of a Flexi-Compact FLX3-CPUC1 or FLX3-CPUC2 running an affected firmware version to potentially impact the availability of the FlexiCompact...

PT-2022-18505 · Unknown · Flexi-Compact Flx3-Cpuc1 +1

Name of the Vulnerable Software and Affected Versions: Flexi-Compact FLX3-CPUC1 affected versions not specified Flexi-Compact FLX3-CPUC2 affected versions not specified Description: A remote unprivileged attacker can interact with the configuration interface to potentially impact the availability...

CVE-2022-27583

CVE-2022-27583 concerns a vulnerability in the configuration interface of SICK FlexiCompact FLX3-CPUC1 and FLX3-CPUC2. The available documents indicate a remote, unprivileged attacker could interact with the affected firmware’s configuration interface and potentially impact the FlexiCompact’s ava...

Code injection

WAGO Series PFC100/PFC200, Series Touch Panel 600, Compact Controller CC100 and Edge Controller in multiple versions are prone to a loss of MAC-Address-Filtering after reboot. This may allow an remote attacker to circumvent the reach the network that should be protected by the MAC address filter...

PT-2022-6077 · Wago · Compact Controller Cc100 +3

Name of the Vulnerable Software and Affected Versions: WAGO PFC100/PFC200 versions affected versions not specified WAGO Touch Panel 600 versions affected versions not specified WAGO Compact Controller CC100 versions affected versions not specified WAGO Edge Controller versions affected versions n...

多款WAGO产品安全漏洞

WAGO Series PFC100 and others are products of WAGO, Germany.WAGO Series PFC100 is a programmable logic controller.WAGO Compact Controller CC100 is a compact controller.WAGO Edge Controller is an edge controller. A security vulnerability exists in the WAGO Series PFC100/PFC200, Series Touch Panel...

CVE-2022-38371

A vulnerability has been identified in APOGEE MBC PPC BACnet All versions, APOGEE MBC PPC P2 Ethernet All versions, APOGEE MEC PPC BACnet All versions, APOGEE MEC PPC P2 Ethernet All versions, APOGEE PXC Compact BACnet All versions = V2.3 = V2.3 = V2.3 = V2.3 = V2.3 = V2.3 = V2.3 = V2.3 = V2.3 =...

Microsoft Patch Tuesday September 2022: CLFS Driver EoP, IP packet causes RCE, Windows DNS Server DoS, Spectre-BHB

Hello everyone! Lets take a look at Microsofts September Patch Tuesday. This time it is quite compact. There were 63 CVEs released on Patch Tuesday day. If we add the vulnerabilities released between August and September Patch Tuesdays as usual, they were in Microsoft Edge, the final number is 90...

OpenZeppelin Contracts vulnerable to ECDSA signature malleability

Impact The functions ECDSA.recover and ECDSA.tryRecover are vulnerable to a kind of signature malleability due to accepting EIP-2098 compact signatures in addition to the traditional 65 byte signature format. This is only an issue for the functions that take a single bytes argument, and not the...

GHSA-4H98-2769-GH6H OpenZeppelin Contracts vulnerable to ECDSA signature malleability

Impact The functions ECDSA.recover and ECDSA.tryRecover are vulnerable to a kind of signature malleability due to accepting EIP-2098 compact signatures in addition to the traditional 65 byte signature format. This is only an issue for the functions that take a single bytes argument, and not the...

CVE-2022-35239

The image file management page of SolarView Compact SV-CPT-MC310 Ver.7.23 and earlier, and SV-CPT-MC310F Ver.7.23 and earlier contains an insufficient verification vulnerability when uploading files. If this vulnerability is exploited, arbitrary PHP code may be executed if a remote authenticated...