Lucene search
K
ContecSolarview Compact Firmware

7 matches found

CVE
CVE
added 2023/02/06 12:0 a.m.149 views

CVE-2023-23333

SolarView Compact 6.00 is affected by an OS command injection via downloader.php, allowing remote code execution. The vulnerability arises from an insecure file parameter in downloader.php that can bypass internal restrictions. Public exploit templates (including Metasploit module) describe obtai...

9.8CVSS9.7AI score0.99273EPSS
In wildWeb
CVE
CVE
added 2022/11/17 12:0 a.m.103 views

CVE-2022-40881

CVE-2022-40881 affects SolarView Compact 6.00 (CONTEC) with a remote command-injection via the web server page network_test.php. Multiple connected sources confirm an OS command injection vulnerability on the product’s web interface (CWE-78) that allows an attacker to execute arbitrary commands o...

9.8CVSS9.8AI score0.29451EPSS
In wild
CVE
CVE
added 2023/05/23 12:0 a.m.76 views

CVE-2023-29919

SolarView Compact

9.8CVSS9AI score0.60221EPSS
In wild
CVE
CVE
added 2023/09/08 12:0 a.m.68 views

CVE-2023-40924

SolarView Compact versions prior to 6.00 are vulnerable to a Directory Traversal flaw. Affected product is SolarView Compact (Contec) with version

7.5CVSS7.4AI score0.02885EPSS
CVE
CVE
added 2022/11/29 12:0 a.m.65 views

CVE-2022-44354

CVE-2022-44354 affects SolarView Compact 4.0–5.0. The connected documents describe an Unrestricted File Upload vulnerability caused by insufficient validation of uploaded files in these versions, allowing a crafted PHP file to be uploaded. The consequence is high impact (confidentiality, integrit...

9.8CVSS9.1AI score0.02131EPSS
CVE
CVE
added 2022/11/29 12:0 a.m.56 views

CVE-2022-44355

SolarView Compact 7.0 is affected by a Cross-site Scripting (XSS) vulnerability in the web server page /network_test.php. The issue (CVE-2022-44355) affects the Check Network Communication page and can lead to arbitrary script execution in a logged-in user’s browser. Root cause: XSS in the web in...

6.1CVSS6AI score0.01644EPSS
CVE
CVE
added 2023/10/27 12:0 a.m.48 views

CVE-2023-46509

CVE-2023-46509 affects Contec SolarView Compact 6.0 and earlier. The vulnerability is in the texteditor.php component due to incorrect code-generation management, enabling a remote attacker to execute arbitrary code. Impact is reported as arbitrary code execution; no exploit details are provided ...

9.8CVSS9.6AI score0.00807EPSS