CVE-2021-20658

SolarView Compact SV-CPT-MC310 prior to Ver.6.5 allows an attacker to execute arbitrary OS commands with the web server privilege via unspecified vectors...

Authentication flaw

Missing authentication for critical function in SolarView Compact SV-CPT-MC310 prior to Ver.6.5 allows an attacker to alter the setting information without the access privileges via unspecified vectors...

Directory traversal

Directory traversal vulnerability in SolarView Compact SV-CPT-MC310 prior to Ver.6.5 allows authenticated attackers to delete arbitrary files and/or directories on the server via unspecified vectors...

Code injection

SolarView Compact SV-CPT-MC310 prior to Ver.6.5 allows an authenticated attacker to upload arbitrary files via unspecified vectors. If the file is PHP script, an attacker may execute arbitrary code...

Cross site scripting

Cross-site scripting vulnerability in SolarView Compact SV-CPT-MC310 prior to Ver.6.5 allows an attacker to inject an arbitrary script via unspecified vectors...

Design/Logic Flaw

SolarView Compact SV-CPT-MC310 prior to Ver.6.5 allows an attacker to execute arbitrary OS commands with the web server privilege via unspecified vectors...

Information disclosure

Exposure of information through directory listing in SolarView Compact SV-CPT-MC310 prior to Ver.6.5 allows an authenticated attacker to obtain the information inside the system, such as directories and/or file configurations via unspecified vectors...

Improper access control

Improper access control vulnerability in SolarView Compact SV-CPT-MC310 prior to Ver.6.5 allows an authenticated attacker to obtain and/or alter the setting information without the access privilege via unspecified vectors...

CVE-2021-20662

Missing authentication for critical function in SolarView Compact SV-CPT-MC310 prior to Ver.6.5 allows an attacker to alter the setting information without the access privileges via unspecified vectors...

CVE-2021-20662

CVE-2021-20662 affects SolarView Compact SV-CPT-MC310 prior to Ver.6.5, with a missing authentication for a critical function that can allow a settings alteration without privileges via unspecified vectors. Connected sources confirm the model and that a firmware update exists: SV-CPT-MC310 Ver.6....

CVE-2021-20661

Directory traversal vulnerability in SolarView Compact SV-CPT-MC310 prior to Ver.6.5 allows authenticated attackers to delete arbitrary files and/or directories on the server via unspecified vectors...

CVE-2021-20659

CVE-2021-20659 affects SolarView Compact SV-CPT-MC310 prior to Ver.6.5, where an authenticated attacker can upload arbitrary files via unspecified vectors; if the uploaded file is a PHP script, arbitrary code execution may occur. The issue is addressed in SV-CPT-MC310 Ver.6.50 (firmware update).

CVE-2021-20660

Cross-site scripting vulnerability in SolarView Compact SV-CPT-MC310 prior to Ver.6.5 allows an attacker to inject an arbitrary script via unspecified vectors...

CVE-2021-20659

SolarView Compact SV-CPT-MC310 prior to Ver.6.5 allows an authenticated attacker to upload arbitrary files via unspecified vectors. If the file is PHP script, an attacker may execute arbitrary code...

CVE-2021-20660

CVE-2021-20660 is a Cross-site Scripting vulnerability affecting SolarView Compact SV-CPT-MC310, prior to Ver.6.5. The issue allows an attacker to inject an arbitrary script via unspecified vectors in the affected product. The available connected documents corroborate the vulnerability descriptio...

CVE-2021-20658

SolarView Compact SV-CPT-MC310 prior to Ver.6.5 allows an attacker to execute arbitrary OS commands with the web server privilege via unspecified vectors...

CVE-2021-20658

CVE-2021-20658 affects SolarView Compact SV-CPT-MC310. The vulnerability is an OS command injection in the web server context, allowing an attacker to execute arbitrary OS commands with the web server’s privileges via unspecified vectors. Affected product/version: SolarView Compact SV-CPT-MC310 p...

CVE-2021-20657

Improper access control vulnerability in SolarView Compact SV-CPT-MC310 prior to Ver.6.5 allows an authenticated attacker to obtain and/or alter the setting information without the access privilege via unspecified vectors...

CVE-2021-20656

SolarView Compact SV-CPT-MC310 is affected by CVE-2021-20656 (Exposure of information through directory listing). The vulnerability allows an authenticated attacker to obtain information inside the system (directories/file configurations). Affected version: SV-CPT-MC310 prior to Ver.6.5. Root cau...

CVE-2021-20656

Exposure of information through directory listing in SolarView Compact SV-CPT-MC310 prior to Ver.6.5 allows an authenticated attacker to obtain the information inside the system, such as directories and/or file configurations via unspecified vectors...