CVE-2022-35239

Summary

The image file management page of SolarView Compact SV-CPT-MC310 Ver.7.23 and earlier, and SV-CPT-MC310F Ver.7.23 and earlier contains an insufficient verification vulnerability when uploading files. If this vulnerability is exploited, arbitrary PHP code may be executed if a remote authenticated attacker uploads a specially crafted PHP file.

Affected Software

VendorProductVersion RangeStatus
CONTEC CO., LTD.SolarView CompactSV-CPT-MC310 Ver.7.23 and earlier, and SV-CPT-MC310F Ver.7.23 and earlieraffected

Weaknesses

  • Improper Input Validation

ADP Enrichment

CVE Program Container

Additional References

References