CVE-2021-20661

Directory traversal vulnerability in SolarView Compact SV-CPT-MC310 prior to Ver.6.5 allows authenticated attackers to delete arbitrary files and/or directories on the server via unspecified vectors...

CVE-2021-20661

CVE-2021-20661 affects SolarView Compact SV-CPT-MC310 prior to Ver.6.5. A directory traversal vulnerability allows an authenticated attacker to delete arbitrary files and/or directories on the server via unspecified vectors. Documented impact states file system access could be obtained and manipu...

CVE-2021-20659

CVE-2021-20659 affects SolarView Compact SV-CPT-MC310 prior to Ver.6.5, where an authenticated attacker can upload arbitrary files via unspecified vectors; if the uploaded file is a PHP script, arbitrary code execution may occur. The issue is addressed in SV-CPT-MC310 Ver.6.50 (firmware update).

CVE-2021-20660

Cross-site scripting vulnerability in SolarView Compact SV-CPT-MC310 prior to Ver.6.5 allows an attacker to inject an arbitrary script via unspecified vectors...

CVE-2021-20659

SolarView Compact SV-CPT-MC310 prior to Ver.6.5 allows an authenticated attacker to upload arbitrary files via unspecified vectors. If the file is PHP script, an attacker may execute arbitrary code...

CVE-2021-20660

CVE-2021-20660 is a Cross-site Scripting vulnerability affecting SolarView Compact SV-CPT-MC310, prior to Ver.6.5. The issue allows an attacker to inject an arbitrary script via unspecified vectors in the affected product. The available connected documents corroborate the vulnerability descriptio...

CVE-2021-20658

SolarView Compact SV-CPT-MC310 prior to Ver.6.5 allows an attacker to execute arbitrary OS commands with the web server privilege via unspecified vectors...

CVE-2021-20658

CVE-2021-20658 affects SolarView Compact SV-CPT-MC310. The vulnerability is an OS command injection in the web server context, allowing an attacker to execute arbitrary OS commands with the web server’s privileges via unspecified vectors. Affected product/version: SolarView Compact SV-CPT-MC310 p...

CVE-2021-20657

Improper access control vulnerability in SolarView Compact SV-CPT-MC310 prior to Ver.6.5 allows an authenticated attacker to obtain and/or alter the setting information without the access privilege via unspecified vectors...

CVE-2021-20657

CVE-2021-20657 affects SolarView Compact SV-CPT-MC310 prior to firmware Ver.6.5, with an improper access‑control flaw that lets an authenticated attacker obtain and/or alter settings information without the proper privileges via unspecified vectors. The impact includes potential disclosure of con...

CVE-2021-20656

SolarView Compact SV-CPT-MC310 is affected by CVE-2021-20656 (Exposure of information through directory listing). The vulnerability allows an authenticated attacker to obtain information inside the system (directories/file configurations). Affected version: SV-CPT-MC310 prior to Ver.6.5. Root cau...

CVE-2021-20656

Exposure of information through directory listing in SolarView Compact SV-CPT-MC310 prior to Ver.6.5 allows an authenticated attacker to obtain the information inside the system, such as directories and/or file configurations via unspecified vectors...

Kangtaike SolarView Compact SV-CPT-MC310 Arbitrary File Upload Vulnerability

Kangtaike SolarView Compact is an application system from Kangtaike Japan Inc. Kangtaike SolarView Compact SV-CPT-MC310 contains an arbitrary file upload vulnerability that can be exploited by attackers to upload arbitrary files via an unspecified carrier...

Kangtaike SolarView Compact SV-CPT-MC310 OS Command Injection Vulnerability

Kangtaike SolarView Compact is an application system from Kangtaike, Japan. Kangtaike SolarView Compact SV-CPT-MC310 contains an operating system command injection vulnerability that could be exploited by an attacker to execute arbitrary operating system commands with Web server privileges via...

Kangtaike SolarView Compact 代码问题漏洞

Kangtaike SolarView Compact is an application system from Kangtaike Japan Inc. Kangtaike SolarView Compact SV-CPT-MC310 contains an arbitrary file upload vulnerability that can be exploited by attackers to upload arbitrary files via an unspecified carrier...

Kangtaike SolarView Compact 操作系统命令注入漏洞

Kangtaike SolarView Compact is an application system from Kangtaike, Japan. Kangtaike SolarView Compact SV-CPT-MC310 contains an operating system command injection vulnerability that could be exploited by an attacker to execute arbitrary operating system commands with Web server privileges via...

Kangtaike SolarView Compact 跨站脚本漏洞

Kangtaike SolarView Compact is an application system from Kangtaike, Japan. Kangtaike SolarView Compact SV-CPT-MC310 is vulnerable to cross-site scripting, which can be exploited by attackers to inject arbitrary scripts via unspecified vectors...

Kangtaike SolarView Compact 安全漏洞

Kangtaike SolarView Compact is an application system from Kangtaike Japan Inc. which provides photovoltaic power measurement systems. Kangtaike SolarView Compact SV-CPT-MC310 suffers from an access control error vulnerability that could be exploited by an attacker to obtain and/or change settings...

Kangtaike SolarView Compact 路径遍历漏洞

Kangtaike SolarView Compact is an application from Kangtaike Japan Inc. which provides photovoltaic power measurement systems. Kangtaike SolarView Compact SV-CPT-MC310 suffers from a path traversal vulnerability that could be exploited by an attacker to delete arbitrary files and/or directories o...

JVN#37417423: Multiple vulnerabilities in SolarView Compact

SolarView Compact provided by Contec Co., Ltd. contains multiple vulnerabilities listed below. Exposure of information through directory listing CWE-548 - CVE-2021-20656 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N| Base Score: 3.5 CVSS v2|...