Contec: >> Sv-Cpt-Mc310 Firmware >> 6.00 Security Vulnerabilities
Directory traversal vulnerability in SolarView Compact SV-CPT-MC310 prior to Ver.6.5 allows authenticated attackers to delete arbitrary files and/or directories on the server via unspecified vectors.
CVSS Score
8.1
EPSS Score
0.012
Published
2021-02-24
Missing authentication for critical function in SolarView Compact SV-CPT-MC310 prior to Ver.6.5 allows an attacker to alter the setting information without the access privileges via unspecified vectors.
CVSS Score
7.5
EPSS Score
0.004
Published
2021-02-24
Exposure of information through directory listing in SolarView Compact SV-CPT-MC310 prior to Ver.6.5 allows an authenticated attacker to obtain the information inside the system, such as directories and/or file configurations via unspecified vectors.
CVSS Score
4.3
EPSS Score
0.003
Published
2021-02-24
Improper access control vulnerability in SolarView Compact SV-CPT-MC310 prior to Ver.6.5 allows an authenticated attacker to obtain and/or alter the setting information without the access privilege via unspecified vectors.
CVSS Score
5.4
EPSS Score
0.003
Published
2021-02-24
SolarView Compact SV-CPT-MC310 prior to Ver.6.5 allows an attacker to execute arbitrary OS commands with the web server privilege via unspecified vectors.
CVSS Score
9.8
EPSS Score
0.021
Published
2021-02-24
SolarView Compact SV-CPT-MC310 prior to Ver.6.5 allows an authenticated attacker to upload arbitrary files via unspecified vectors. If the file is PHP script, an attacker may execute arbitrary code.
CVSS Score
8.8
EPSS Score
0.016
Published
2021-02-24
Multiple directory traversal vulnerabilities in (1) mod_evhost and (2) mod_simple_vhost in lighttpd before 1.4.35 allow remote attackers to read arbitrary files via a .. (dot dot) in the host name, related to request_check_hostname.
CVSS Score
5.0
EPSS Score
0.744
Published
2014-03-14
Page 2