First published: Mon Feb 06 2023(Updated: )
There is a command injection vulnerability in SolarView Compact through 6.00, attackers can execute commands by bypassing internal restrictions through downloader.php.
Credit: cve@mitre.org cve@mitre.org ByteHunter
Affected Software | Affected Version | How to fix |
---|---|---|
Contec Solarview Compact Firmware | <=6.00 | |
Contec SolarView Compact |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The severity of CVE-2023-23333 is critical with a CVSS score of 9.8.
The Contec SolarView Compact Firmware version up to 6.00 is affected by CVE-2023-23333.
Attackers can exploit the CVE-2023-23333 vulnerability by executing commands through downloader.php by bypassing internal restrictions.
At the moment, no official fixes or patches have been released for CVE-2023-23333. It is recommended to follow the vendor's security advisories for updates.
You can find more information about CVE-2023-23333 on the following references: [Packet Storm Security](http://packetstormsecurity.com/files/174537/SolarView-Compact-6.00-Remote-Command-Execution.html) and [GitHub](https://github.com/Timorlover/CVE-2023-23333).