nvd,bdu
Contec
Vulnerabilities
54
Known exploited
1
Critical
12
High
21
Top products
Sv-cpt-mc31019Sv-cpt-mc310 Firmware19Conprosys Hmi System16Solarview Compact11Solarview Compact Firmware7Sv-cpt-mc310f6Sv-cpt-mc310f Firmware6Conprosys Hmi3Cps-mc341-a1-1113Cps-mc341-a1-111 Firmware3Cps-mc341-adsc1-1113Cps-mc341-adsc1-111 Firmware3Cps-mc341-adsc1-9313Cps-mc341-adsc1-931 Firmware3Cps-mc341-adsc2-1113Cps-mc341-adsc2-111 Firmware3Cps-mc341-ds11-1113Cps-mc341-ds11-111 Firmware3Cps-mc341-ds1-1113Cps-mc341-ds1-111 Firmware3
Top vulnerabilities
CVE-2023-46509An issue in Contec SolarView Compact v.6.0 and before allows an attacker to execute arbitrary code via the texteditor.php component.
CVE-2023-23333There is a command injection vulnerability in SolarView Compact through 6.00, attackers can execute commands by bypassing internal restrictions through downloader.php.
CVE-2022-44456CONPROSYS HMI System (CHS) Ver.3.4.4?and earlier allows a remote unauthenticated attacker to execute an arbitrary OS command on the server where the product is running by sending a specially crafted request.
CVE-2022-44354SolarView Compact 4.0 and 5.0 is vulnerable to Unrestricted File Upload via a crafted php file.
CVE-2022-40881SolarView Compact 6.00 was discovered to contain a command injection vulnerability via network_test.php
CVE-2022-31374An arbitrary file upload vulnerability /images/background/1.php in of SolarView Compact 6.0 allows attackers to execute arbitrary code via a crafted php file.
CVE-2022-29303SolarView Compact ver.6.00 was discovered to contain a command injection vulnerability via conf_mail.php.
CVE-2021-20658SolarView Compact SV-CPT-MC310 prior to Ver.6.5 allows an attacker to execute arbitrary OS commands with the web server privilege via unspecified vectors.
BDU:2023-07549Уязвимость компонента texteditor.php микропрограммного обеспечения устройства для измерения мощности, вырабатываемой солнечной энергией, отображения данных и хранения SolarView Compact связана с неверным управлением генерацией кода. Эксплуатация уязвимости может позволить нарушителю, действующему удалённо, выполнить произвольный код
BDU:2023-06236Уязвимость компонента conf_mail.php микропрограммного обеспечения устройства для измерения мощности, вырабатываемой солнечной энергией, отображения данных и хранения SolarView Compact существует из-за непринятия мер по нейтрализации специальных элементов, используемых в команде операционной системы. Эксплуатация уязвимости может позволить нарушителю выполнить произвольную команду
BDU:2023-01084Уязвимость микропрограммного обеспечения устройства для измерения мощности, вырабатываемой солнечной энергией, отображения данных и хранения SolarView Compact связана с отсутствием мер по очистке входных данных. Эксплуатация уязвимости может позволить нарушителю, действующему удалённо, выполнить произвольную команду
CVE-2023-29919SolarView Compact <= 6.0 is vulnerable to Insecure Permissions. Any file on the server can be read or modified because texteditor.php is not restricted.
CVE-2023-28657Improper access control vulnerability exists in CONPROSYS HMI System (CHS) versions prior to 3.5.3. A user of the PC where the affected product is installed may gain an administrative privilege. As a result, information regarding the product may be obtained and/or altered by the user.
CVE-2023-27917OS command injection vulnerability in CONPROSYS IoT Gateway products allows a remote authenticated attacker who can access Network Maintenance page to execute arbitrary OS commands with a root privilege. The affected products and versions are as follows: M2M Gateway with the firmware Ver.3.7.10 and earlier (CPS-MG341-ADSC1-111, CPS-MG341-ADSC1-931, CPS-MG341G-ADSC1-111, CPS-MG341G-ADSC1-930, and CPS-MG341G5-ADSC1-931), M2M Controller Integrated Type with firmware Ver.3.7.6 and earlier versions (CPS-MC341-ADSC1-111, CPS-MC341-ADSC1-931, CPS-MC341-ADSC2-111, CPS-MC341G-ADSC1-110, CPS-MC341Q-ADSC1-111, CPS-MC341-DS1-111, CPS-MC341-DS11-111, CPS-MC341-DS2-911, and CPS-MC341-A1-111), and M2M Controller Configurable Type with firmware Ver.3.8.8 and earlier versions (CPS-MCS341-DS1-111, CPS-MCS341-DS1-131, CPS-MCS341G-DS1-130, CPS-MCS341G5-DS1-130, and CPS-MCS341Q-DS1-131).
CVE-2023-27521OS command injection vulnerability in the mail setting page of SolarView Compact SV-CPT-MC310 versions prior to Ver.8.10 and SV-CPT-MC310F versions prior to Ver.8.10 allows remote authenticated attackers to execute an arbitrary OS command.
CVE-2023-27518Buffer overflow vulnerability in the multiple setting pages of SolarView Compact SV-CPT-MC310 versions prior to Ver.8.10 and SV-CPT-MC310F versions prior to Ver.8.10 allows a remote authenticated attacker to execute arbitrary code.
CVE-2023-27514OS command injection vulnerability in the download page of SolarView Compact SV-CPT-MC310 versions prior to Ver.8.10 and SV-CPT-MC310F versions prior to Ver.8.10 allows a remote authenticated attacker to execute an arbitrary OS command.
CVE-2022-36159Contec FXA3200 version 1.13 and under were discovered to contain a hard coded hash password for root stored in the component /etc/shadow. As the password strength is weak, it can be cracked in few minutes. Through this credential, a malicious actor can access the Wireless LAN Manager interface and open the telnet port then sniff the traffic or inject any malware.
CVE-2022-35239The image file management page of SolarView Compact SV-CPT-MC310 Ver.7.23 and earlier, and SV-CPT-MC310F Ver.7.23 and earlier contains an insufficient verification vulnerability when uploading files. If this vulnerability is exploited, arbitrary PHP code may be executed if a remote authenticated attacker uploads a specially crafted PHP file.
CVE-2021-20659SolarView Compact SV-CPT-MC310 prior to Ver.6.5 allows an authenticated attacker to upload arbitrary files via unspecified vectors. If the file is PHP script, an attacker may execute arbitrary code.
CVE-2023-28713Plaintext storage of a password exists in CONPROSYS HMI System (CHS) versions prior to 3.5.3. Because account information of the database is saved in a local file in plaintext, a user who can access the PC where the affected product is installed can obtain the information. As a result, information in the database may be obtained and/or altered by the user.
CVE-2021-20661Directory traversal vulnerability in SolarView Compact SV-CPT-MC310 prior to Ver.6.5 allows authenticated attackers to delete arbitrary files and/or directories on the server via unspecified vectors.
CVE-2022-36158Contec FXA3200 version 1.13.00 and under suffers from Insecure Permissions in the Wireless LAN Manager interface which allows malicious actors to execute Linux commands with root privilege via a hidden web page (/usr/www/ja/mnt_cmd.cgi).
CVE-2023-28399Incorrect permission assignment for critical resource exists in CONPROSYS HMI System (CHS) versions prior to 3.5.3. ACL (Access Control List) is not appropriately set to the local folder where the affected product is installed, therefore a wide range of privileges is permitted to a user of the PC where the affected product is installed. As a result, the user may be able to destroy the system and/or execute a malicious program.
CVE-2023-40924SolarView Compact < 6.00 is vulnerable to Directory Traversal.