OS command injection vulnerability in the mail setting page of SolarView Compact SV-CPT-MC310 versions prior to Ver.8.10 and SV-CPT-MC310F versions prior to Ver.8.10 allows remote authenticated attackers to execute an arbitrary OS command.
References
Link | Resource |
---|---|
https://jvn.jp/en/vu/JVNVU92106300/ | Third Party Advisory |
https://www.contec.com/jp/api/downloadlogger?download=/-/media/Contec/jp/support/security-info/contec_security_solarview_230508.pdf | Vendor Advisory |
https://www.contec.com/jp/download/donwload-list/?itemid=b28c8b7c-9f40-40b2-843c-b5b04c035b0e#firmware | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: jpcert
Published: 2023-05-23T00:00:00
Updated: 2023-05-23T00:00:00
Reserved: 2023-03-15T00:00:00
Link: CVE-2023-27521
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-05-23T02:15:09.787
Modified: 2023-05-30T15:40:34.467
Link: CVE-2023-27521
JSON object: View
Redhat Information
No data.
CWE