Vulnerabilities > Contec

DATE	CVE	VULNERABILITY TITLE	RISK
2023-01-20	CVE-2023-22373	Cross-site Scripting vulnerability in Contec Conprosys HMI System Cross-site scripting vulnerability in CONPROSYS HMI System (CHS) Ver.3.4.5 and earlier allows a remote authenticated attacker to inject an arbitrary script and obtain the sensitive information. network low complexity contec CWE-79	5.4
2022-11-29	CVE-2022-44354	Unrestricted Upload of File with Dangerous Type vulnerability in Contec Solarview Compact Firmware 4.0/5.0 SolarView Compact 4.0 and 5.0 is vulnerable to Unrestricted File Upload via a crafted php file. network low complexity contec CWE-434 critical	9.8
2022-11-29	CVE-2022-44355	Cross-site Scripting vulnerability in Contec Solarview Compact Firmware 7.0 SolarView Compact 7.0 is vulnerable to Cross-site Scripting (XSS) via /network_test.php. network low complexity contec CWE-79	6.1
2022-11-17	CVE-2022-40881	Command Injection vulnerability in Contec Solarview Compact Firmware 6.00 SolarView Compact 6.00 was discovered to contain a command injection vulnerability via network_test.php network low complexity contec CWE-77 critical	9.8
2022-09-26	CVE-2022-36158	Forced Browsing vulnerability in Contec products Contec FXA3200 version 1.13.00 and under suffers from Insecure Permissions in the Wireless LAN Manager interface which allows malicious actors to execute Linux commands with root privilege via a hidden web page (/usr/www/ja/mnt_cmd.cgi). low complexity contec CWE-425	8.0
2022-09-26	CVE-2022-36159	Use of Hard-coded Credentials vulnerability in Contec products Contec FXA3200 version 1.13 and under were discovered to contain a hard coded hash password for root stored in the component /etc/shadow. low complexity contec CWE-798	8.8
2022-06-21	CVE-2022-31373	Cross-site Scripting vulnerability in Contec Sv-Cpt-Mc310 Firmware 6.0 SolarView Compact v6.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the component Solar_AiConf.php. network contec CWE-79	4.3
2022-06-21	CVE-2022-31374	Unrestricted Upload of File with Dangerous Type vulnerability in Contec Sv-Cpt-Mc310 Firmware 6.0 An arbitrary file upload vulnerability /images/background/1.php in of SolarView Compact 6.0 allows attackers to execute arbitrary code via a crafted php file. network low complexity contec CWE-434	7.5
2022-05-12	CVE-2022-29298	Path Traversal vulnerability in Contec Sv-Cpt-Mc310 Firmware 6.00 SolarView Compact ver.6.00 allows attackers to access sensitive files via directory traversal. network low complexity contec CWE-22	7.5
2022-05-12	CVE-2022-29302	Files or Directories Accessible to External Parties vulnerability in Contec Sv-Cpt-Mc310 Firmware 6.00 SolarView Compact ver.6.00 was discovered to contain a local file disclosure via /html/Solar_Ftp.php. local low complexity contec CWE-552	2.1

Vulnerabilities > Contec {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Contec"}]}

Vulnerabilities > Contec