Vulnerabilities > Contec > Critical

DATE CVE VULNERABILITY TITLE RISK
2023-10-27 CVE-2023-46509 Unspecified vulnerability in Contec Solarview Compact Firmware 4.0/5.0/6.0
An issue in Contec SolarView Compact v.6.0 and before allows an attacker to execute arbitrary code via the texteditor.php component.
network
low complexity
contec
critical
 9.8
9.8
2023-05-23 CVE-2023-29919 Incorrect Default Permissions vulnerability in Contec Solarview Compact Firmware 6.0
SolarView Compact <= 6.0 is vulnerable to Insecure Permissions.
network
low complexity
contec CWE-276
critical
 9.1
9.1
2023-02-06 CVE-2023-23333 Command Injection vulnerability in Contec Solarview Compact Firmware 6.0
There is a command injection vulnerability in SolarView Compact through 6.00, attackers can execute commands by bypassing internal restrictions through downloader.php.
network
low complexity
contec CWE-77
critical
 9.8
9.8
2022-11-29 CVE-2022-44354 Unrestricted Upload of File with Dangerous Type vulnerability in Contec Solarview Compact Firmware 4.0/5.0
SolarView Compact 4.0 and 5.0 is vulnerable to Unrestricted File Upload via a crafted php file.
network
low complexity
contec CWE-434
critical
 9.8
9.8
2022-11-17 CVE-2022-40881 Command Injection vulnerability in Contec Solarview Compact Firmware 6.00
SolarView Compact 6.00 was discovered to contain a command injection vulnerability via network_test.php
network
low complexity
contec CWE-77
critical
 9.8
9.8
2022-05-12 CVE-2022-29303 OS Command Injection vulnerability in Contec Sv-Cpt-Mc310 Firmware 6.00
SolarView Compact ver.6.00 was discovered to contain a command injection vulnerability via conf_mail.php.
network
low complexity
contec CWE-78
critical
 9.8
9.8
2021-02-24 CVE-2021-20658 OS Command Injection vulnerability in Contec Sv-Cpt-Mc310 Firmware
SolarView Compact SV-CPT-MC310 prior to Ver.6.5 allows an attacker to execute arbitrary OS commands with the web server privilege via unspecified vectors.
network
low complexity
contec CWE-78
critical
 10.0
10