CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Cvelist•added 2021/02/24 3:51 a.m.•13 views

CVE-2021-20659

SolarView Compact SV-CPT-MC310 prior to Ver.6.5 allows an authenticated attacker to upload arbitrary files via unspecified vectors. If the file is PHP script, an attacker may execute arbitrary code...

9.3AI score0.01566EPSS

CVE•added 2021/02/24 3:51 a.m.•41 views

CVE-2021-20660

CVE-2021-20660 is a Cross-site Scripting vulnerability affecting SolarView Compact SV-CPT-MC310, prior to Ver.6.5. The issue allows an attacker to inject an arbitrary script via unspecified vectors in the affected product. The available connected documents corroborate the vulnerability descriptio...

6.1CVSS6.2AI score0.00611EPSS

Cvelist•added 2021/02/24 3:51 a.m.•12 views

CVE-2021-20658

SolarView Compact SV-CPT-MC310 prior to Ver.6.5 allows an attacker to execute arbitrary OS commands with the web server privilege via unspecified vectors...

9.9AI score0.0214EPSS

CVE•added 2021/02/24 3:51 a.m.•53 views

CVE-2021-20658

CVE-2021-20658 affects SolarView Compact SV-CPT-MC310. The vulnerability is an OS command injection in the web server context, allowing an attacker to execute arbitrary OS commands with the web server’s privileges via unspecified vectors. Affected product/version: SolarView Compact SV-CPT-MC310 p...

10CVSS9.6AI score0.0214EPSS

Cvelist•added 2021/02/24 3:51 a.m.•13 views

CVE-2021-20657

Improper access control vulnerability in SolarView Compact SV-CPT-MC310 prior to Ver.6.5 allows an authenticated attacker to obtain and/or alter the setting information without the access privilege via unspecified vectors...

6.4AI score0.00317EPSS

CVE•added 2021/02/24 3:51 a.m.•41 views

CVE-2021-20657

CVE-2021-20657 affects SolarView Compact SV-CPT-MC310 prior to firmware Ver.6.5, with an improper access‑control flaw that lets an authenticated attacker obtain and/or alter settings information without the proper privileges via unspecified vectors. The impact includes potential disclosure of con...

5.5CVSS5.4AI score0.00317EPSS

CVE•added 2021/02/24 3:51 a.m.•54 views

CVE-2021-20656

SolarView Compact SV-CPT-MC310 is affected by CVE-2021-20656 (Exposure of information through directory listing). The vulnerability allows an authenticated attacker to obtain information inside the system (directories/file configurations). Affected version: SV-CPT-MC310 prior to Ver.6.5. Root cau...

4.3CVSS4.5AI score0.00326EPSS

Cvelist•added 2021/02/24 3:51 a.m.•13 views

CVE-2021-20656

Exposure of information through directory listing in SolarView Compact SV-CPT-MC310 prior to Ver.6.5 allows an authenticated attacker to obtain the information inside the system, such as directories and/or file configurations via unspecified vectors...

5.5AI score0.00326EPSS

CNVD•added 2021/02/21 12:0 a.m.•15 views

Kangtaike SolarView Compact SV-CPT-MC310 Arbitrary File Upload Vulnerability

Kangtaike SolarView Compact is an application system from Kangtaike Japan Inc. Kangtaike SolarView Compact SV-CPT-MC310 contains an arbitrary file upload vulnerability that can be exploited by attackers to upload arbitrary files via an unspecified carrier...

8.8CVSS6.3AI score0.01566EPSS

Exploits0References1

CNVD•added 2021/02/21 12:0 a.m.•19 views

Kangtaike SolarView Compact SV-CPT-MC310 OS Command Injection Vulnerability

Kangtaike SolarView Compact is an application system from Kangtaike, Japan. Kangtaike SolarView Compact SV-CPT-MC310 contains an operating system command injection vulnerability that could be exploited by an attacker to execute arbitrary operating system commands with Web server privileges via...

10CVSS6.8AI score0.0214EPSS

Exploits0References1

6.1CVSS6.5AI score0.00611EPSS

Kangtaike SolarView Compact 跨站脚本漏洞

Kangtaike SolarView Compact is an application system from Kangtaike, Japan. Kangtaike SolarView Compact SV-CPT-MC310 is vulnerable to cross-site scripting, which can be exploited by attackers to inject arbitrary scripts via unspecified vectors...

8.1CVSS7AI score0.01218EPSS

Kangtaike SolarView Compact 路径遍历漏洞

Kangtaike SolarView Compact is an application from Kangtaike Japan Inc. which provides photovoltaic power measurement systems. Kangtaike SolarView Compact SV-CPT-MC310 suffers from a path traversal vulnerability that could be exploited by an attacker to delete arbitrary files and/or directories o...

Japan Vulnerability Notes•added 2021/02/19 12:0 a.m.•329 views

JVN#37417423: Multiple vulnerabilities in SolarView Compact

SolarView Compact provided by Contec Co., Ltd. contains multiple vulnerabilities listed below. Exposure of information through directory listing CWE-548 - CVE-2021-20656 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N| Base Score: 3.5 CVSS v2|...

10CVSS8.9AI score0.91037EPSS

Exploits22

7.5CVSS5.8AI score0.00399EPSS

Kangtaike SolarView Compact Access Control Error Vulnerability

Kangtaike SolarView Compact is an application system from Kangtaike, Japan. provides photovoltaic power generation measurement systems. An access control error vulnerability exists in SolarView Compact. The vulnerability arises from a lack of authentication measures or insufficient authentication...

4.3CVSS6.2AI score0.00326EPSS

Kangtaike SolarView Compact 信息泄露漏洞

Kangtaike SolarView Compact is an application system from Kangtaike Japan Inc. which provides photovoltaic power measurement systems. Kangtaike SolarView Compact SV-CPT-MC310 suffers from a path traversal vulnerability that could be exploited by attackers to obtain information inside the system,...