CVE-2022-35239 - OpenCVE

The image file management page of SolarView Compact SV-CPT-MC310 Ver.7.23 and earlier, and SV-CPT-MC310F Ver.7.23 and earlier contains an insufficient verification vulnerability when uploading files. If this vulnerability is exploited, arbitrary PHP code may be executed if a remote authenticated attacker uploads a specially crafted PHP file.

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Contec	Sv-cpt-mc310 Sv-cpt-mc310 Firmware Sv-cpt-mc310f Sv-cpt-mc310f Firmware

Configuration 1 [-]

AND

cpe:2.3:o:contec:sv-cpt-mc310f_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:contec:sv-cpt-mc310f:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:contec:sv-cpt-mc310_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:contec:sv-cpt-mc310:-:*:*:*:*:*:*:*

References

Link	Resource
https://jvn.jp/en/vu/JVNVU93696585/	Third Party Advisory
https://www.contec.com/jp/api/downloadlogger?download=/jp/-/media/Contec/jp/support/security-info/contec_security_solarview_220727.pdf	Vendor Advisory
https://www.contec.com/jp/download/donwload-list/?itemid=b28c8b7c-9f40-40b2-843c-b5b04c035b0e#firmware	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: jpcert

Published: 2022-08-16T07:01:46

Updated: 2022-08-16T07:01:46

Reserved: 2022-07-21T00:00:00

Link: CVE-2022-35239

JSON object: View

NVD Information

Status : Analyzed

Published: 2022-08-16T08:15:08.933

Modified: 2022-08-18T12:16:32.527

Link: CVE-2022-35239

JSON object: View

Redhat Information

No data.

CWE

CWE-20

{"containers": {"cna": {"affected": [{"product": "SolarView Compact", "vendor": "CONTEC CO., LTD.", "versions": [{"status": "affected", "version": "SV-CPT-MC310 Ver.7.23 and earlier, and SV-CPT-MC310F Ver.7.23 and earlier"}]}], "descriptions": [{"lang": "en", "value": "The image file management page of SolarView Compact SV-CPT-MC310 Ver.7.23 and earlier, and SV-CPT-MC310F Ver.7.23 and earlier contains an insufficient verification vulnerability when uploading files. If this vulnerability is exploited, arbitrary PHP code may be executed if a remote authenticated attacker uploads a specially crafted PHP file."}], "problemTypes": [{"descriptions": [{"description": "Improper Input Validation", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2022-08-16T07:01:46", "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce", "shortName": "jpcert"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://www.contec.com/jp/api/downloadlogger?download=/jp/-/media/Contec/jp/support/security-info/contec_security_solarview_220727.pdf"}, {"tags": ["x_refsource_MISC"], "url": "https://www.contec.com/jp/download/donwload-list/?itemid=b28c8b7c-9f40-40b2-843c-b5b04c035b0e#firmware"}, {"tags": ["x_refsource_MISC"], "url": "https://jvn.jp/en/vu/JVNVU93696585/"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "vultures@jpcert.or.jp", "ID": "CVE-2022-35239", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "SolarView Compact", "version": {"version_data": [{"version_value": "SV-CPT-MC310 Ver.7.23 and earlier, and SV-CPT-MC310F Ver.7.23 and earlier"}]}}]}, "vendor_name": "CONTEC CO., LTD."}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The image file management page of SolarView Compact SV-CPT-MC310 Ver.7.23 and earlier, and SV-CPT-MC310F Ver.7.23 and earlier contains an insufficient verification vulnerability when uploading files. If this vulnerability is exploited, arbitrary PHP code may be executed if a remote authenticated attacker uploads a specially crafted PHP file."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Improper Input Validation"}]}]}, "references": {"reference_data": [{"name": "https://www.contec.com/jp/api/downloadlogger?download=/jp/-/media/Contec/jp/support/security-info/contec_security_solarview_220727.pdf", "refsource": "MISC", "url": "https://www.contec.com/jp/api/downloadlogger?download=/jp/-/media/Contec/jp/support/security-info/contec_security_solarview_220727.pdf"}, {"name": "https://www.contec.com/jp/download/donwload-list/?itemid=b28c8b7c-9f40-40b2-843c-b5b04c035b0e#firmware", "refsource": "MISC", "url": "https://www.contec.com/jp/download/donwload-list/?itemid=b28c8b7c-9f40-40b2-843c-b5b04c035b0e#firmware"}, {"name": "https://jvn.jp/en/vu/JVNVU93696585/", "refsource": "MISC", "url": "https://jvn.jp/en/vu/JVNVU93696585/"}]}}}}, "cveMetadata": {"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce", "assignerShortName": "jpcert", "cveId": "CVE-2022-35239", "datePublished": "2022-08-16T07:01:46", "dateReserved": "2022-07-21T00:00:00", "dateUpdated": "2022-08-16T07:01:46", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:contec:sv-cpt-mc310f_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "3A1DA5BF-2724-4D2E-8AB1-A1A6A461CF8E", "versionEndExcluding": "7.24", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:contec:sv-cpt-mc310f:-:*:*:*:*:*:*:*", "matchCriteriaId": "CAC9BA1B-C65A-4EEA-AAD6-88685BC7A4FA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:contec:sv-cpt-mc310_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "4DA921A2-7DC7-4955-A3A7-85AE46ACEE0D", "versionEndExcluding": "7.24", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:contec:sv-cpt-mc310:-:*:*:*:*:*:*:*", "matchCriteriaId": "F9FCCA5E-19F8-47D9-A6C6-77AF2AEFD51A", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "The image file management page of SolarView Compact SV-CPT-MC310 Ver.7.23 and earlier, and SV-CPT-MC310F Ver.7.23 and earlier contains an insufficient verification vulnerability when uploading files. If this vulnerability is exploited, arbitrary PHP code may be executed if a remote authenticated attacker uploads a specially crafted PHP file."}, {"lang": "es", "value": "La p\u00e1gina de administraci\u00f3n de archivos de imagen de SolarView Compact SV-CPT-MC310 Versiones 7.23 y anteriores, y SV-CPT-MC310F Versiones 7.23 y anteriores, contiene una vulnerabilidad de verificaci\u00f3n insuficiente cuando son cargados archivos. Si es explotada esta vulnerabilidad, puede ejecutarse c\u00f3digo PHP arbitrario si un atacante remoto autenticado carga un archivo PHP especialmente dise\u00f1ado."}], "id": "CVE-2022-35239", "lastModified": "2022-08-18T12:16:32.527", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-08-16T08:15:08.933", "references": [{"source": "vultures@jpcert.or.jp", "tags": ["Third Party Advisory"], "url": "https://jvn.jp/en/vu/JVNVU93696585/"}, {"source": "vultures@jpcert.or.jp", "tags": ["Vendor Advisory"], "url": "https://www.contec.com/jp/api/downloadlogger?download=/jp/-/media/Contec/jp/support/security-info/contec_security_solarview_220727.pdf"}, {"source": "vultures@jpcert.or.jp", "tags": ["Vendor Advisory"], "url": "https://www.contec.com/jp/download/donwload-list/?itemid=b28c8b7c-9f40-40b2-843c-b5b04c035b0e#firmware"}], "sourceIdentifier": "vultures@jpcert.or.jp", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}]}