Contec: >> Solarview Compact Firmware Security Vulnerabilities
An issue in Contec SolarView Compact v.6.0 and before allows an attacker to execute arbitrary code via the texteditor.php component.
CVSS Score
9.8
EPSS Score
0.006
Published
2023-10-27
SolarView Compact < 6.00 is vulnerable to Directory Traversal.
CVSS Score
7.5
EPSS Score
0.091
Published
2023-09-08
SolarView Compact <= 6.0 is vulnerable to Insecure Permissions. Any file on the server can be read or modified because texteditor.php is not restricted.
CVSS Score
9.1
EPSS Score
0.92
Published
2023-05-23
There is a command injection vulnerability in SolarView Compact through 6.00, attackers can execute commands by bypassing internal restrictions through downloader.php.
CVSS Score
9.8
EPSS Score
0.942
Published
2023-02-06
SolarView Compact 4.0 and 5.0 is vulnerable to Unrestricted File Upload via a crafted php file.
CVSS Score
9.8
EPSS Score
0.011
Published
2022-11-29
SolarView Compact 7.0 is vulnerable to Cross-site Scripting (XSS) via /network_test.php.
CVSS Score
6.1
EPSS Score
0.002
Published
2022-11-29
SolarView Compact 6.00 was discovered to contain a command injection vulnerability via network_test.php
CVSS Score
9.8
EPSS Score
0.937
Published
2022-11-17