First published: Thu May 12 2022(Updated: )
SolarView Compact contains a command injection vulnerability due to improper validation of input values on the send test mail console of the product's web server.
Credit: cve@mitre.org cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Contec Sv-cpt-mc310 Firmware | =6.00 | |
Contec Sv-cpt-mc310 | ||
SolarView Compact | ||
All of | ||
Contec Sv-cpt-mc310 Firmware | =6.00 | |
Contec Sv-cpt-mc310 |
Apply updates per vendor instructions or discontinue use of the product if updates are unavailable.
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The CVE ID of this vulnerability is CVE-2022-29303.
The title of this vulnerability is SolarView Compact Command Injection Vulnerability.
SolarView Compact contains a command injection vulnerability due to improper validation of input values on the send test mail console of the product's web server.
The affected software includes Contec Sv-cpt-mc310 Firmware version 6.00 and SolarView Compact.
The severity of this vulnerability is critical with a CVSS score of 9.8.
Apply the latest security patch or update provided by SolarView.
You can find more information about this vulnerability at the following references: [1](http://packetstormsecurity.com/files/167183/SolarView-Compact-6.0-Command-Injection.html), [2](https://drive.google.com/drive/folders/1tGr-WExbpfvhRg31XCoaZOFLWyt3r60g?usp=sharing), [3](https://jvn.jp/en/vu/JVNVU92327282/).