OS command injection vulnerability in the download page of SolarView Compact SV-CPT-MC310 versions prior to Ver.8.10 and SV-CPT-MC310F versions prior to Ver.8.10 allows a remote authenticated attacker to execute an arbitrary OS command.
References
Link | Resource |
---|---|
https://jvn.jp/en/vu/JVNVU92106300/ | Third Party Advisory |
https://www.contec.com/jp/api/downloadlogger?download=/-/media/Contec/jp/support/security-info/contec_security_solarview_230508.pdf | Vendor Advisory |
https://www.contec.com/jp/download/donwload-list/?itemid=b28c8b7c-9f40-40b2-843c-b5b04c035b0e#firmware | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: jpcert
Published: 2023-05-23T00:00:00
Updated: 2023-05-23T00:00:00
Reserved: 2023-03-15T00:00:00
Link: CVE-2023-27514
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-05-23T02:15:09.700
Modified: 2023-05-30T15:40:15.907
Link: CVE-2023-27514
JSON object: View
Redhat Information
No data.
CWE