Lucene search

[email protected]CVE-2022-40881

HistoryNov 17, 2022 - 4:15 a.m.

CVE-2022-40881

2022-11-1704:15:10

CWE-77

[email protected]

web.nvd.nist.gov

cve-2022-40881

solarview compact

command injection

network_test.php

nvd

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

0.961 High

EPSS

Percentile

99.5%

JSON

SolarView Compact 6.00 was discovered to contain a command injection vulnerability via network_test.php

Affected configurations

NVD

Node

contecsolarview_compactMatch-

AND

contecsolarview_compact_firmwareMatch6.00

CPENameOperatorVersion
contec:solarview_compact_firmwarecontec solarview compact firmwareeq6.00

CPE	Name	Operator	Version
contec:solarview_compact_firmware	contec solarview compact firmware	eq	6.00

References

github.com/Timorlover/SolarView_Compact_6.0_rce_via_network_test.php

Social References

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

0.961 High

EPSS

Percentile

99.5%

JSON

Related for CVE-2022-40881

nuclei1 githubexploit1 cvelist1 prion1 nvd1