Vulnerabilities > Contec > Solarview Compact Firmware

DATE CVE VULNERABILITY TITLE RISK
2023-10-27 CVE-2023-46509 Unspecified vulnerability in Contec Solarview Compact Firmware 4.0/5.0/6.0
An issue in Contec SolarView Compact v.6.0 and before allows an attacker to execute arbitrary code via the texteditor.php component.
network
low complexity
contec
critical
9.8
2023-09-08 CVE-2023-40924 Path Traversal vulnerability in Contec Solarview Compact Firmware 6.0
SolarView Compact < 6.00 is vulnerable to Directory Traversal.
network
low complexity
contec CWE-22
7.5
2023-05-23 CVE-2023-29919 Incorrect Default Permissions vulnerability in Contec Solarview Compact Firmware 6.0
SolarView Compact <= 6.0 is vulnerable to Insecure Permissions.
network
low complexity
contec CWE-276
critical
9.1
2023-02-06 CVE-2023-23333 Command Injection vulnerability in Contec Solarview Compact Firmware 6.0
There is a command injection vulnerability in SolarView Compact through 6.00, attackers can execute commands by bypassing internal restrictions through downloader.php.
network
low complexity
contec CWE-77
critical
9.8
2022-11-29 CVE-2022-44354 Unrestricted Upload of File with Dangerous Type vulnerability in Contec Solarview Compact Firmware 4.0/5.0
SolarView Compact 4.0 and 5.0 is vulnerable to Unrestricted File Upload via a crafted php file.
network
low complexity
contec CWE-434
critical
9.8
2022-11-29 CVE-2022-44355 Cross-site Scripting vulnerability in Contec Solarview Compact Firmware 7.0
SolarView Compact 7.0 is vulnerable to Cross-site Scripting (XSS) via /network_test.php.
network
low complexity
contec CWE-79
6.1
2022-11-17 CVE-2022-40881 Command Injection vulnerability in Contec Solarview Compact Firmware 6.00
SolarView Compact 6.00 was discovered to contain a command injection vulnerability via network_test.php
network
low complexity
contec CWE-77
critical
9.8