CVSS: 4.3EPSS: 0%CPEs: 4EXPL: 0CVE-2023-27920
https://notcve.org/view.php?id=CVE-2023-27920
23 May 2023 — Improper access control vulnerability in the system date/time setting page of SolarView Compact SV-CPT-MC310 versions prior to Ver.8.10 and SV-CPT-MC310F versions prior to Ver.8.10 allows a remote authenticated attacker to alter system date/time of the affected product. • https://jvn.jp/en/vu/JVNVU92106300 • CWE-863: Incorrect Authorization •
CVSS: 9.0EPSS: 1%CPEs: 4EXPL: 0CVE-2023-27514
https://notcve.org/view.php?id=CVE-2023-27514
23 May 2023 — OS command injection vulnerability in the download page of SolarView Compact SV-CPT-MC310 versions prior to Ver.8.10 and SV-CPT-MC310F versions prior to Ver.8.10 allows a remote authenticated attacker to execute an arbitrary OS command. • https://jvn.jp/en/vu/JVNVU92106300 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 9.0EPSS: 2%CPEs: 4EXPL: 0CVE-2023-27518
https://notcve.org/view.php?id=CVE-2023-27518
23 May 2023 — Buffer overflow vulnerability in the multiple setting pages of SolarView Compact SV-CPT-MC310 versions prior to Ver.8.10 and SV-CPT-MC310F versions prior to Ver.8.10 allows a remote authenticated attacker to execute arbitrary code. • https://jvn.jp/en/vu/JVNVU92106300 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 8.3EPSS: 0%CPEs: 4EXPL: 0CVE-2023-27512
https://notcve.org/view.php?id=CVE-2023-27512
23 May 2023 — Use of hard-coded credentials exists in SolarView Compact SV-CPT-MC310 versions prior to Ver.8.10, and SV-CPT-MC310F versions prior to Ver.8.10, which may allow a remote authenticated attacker to login the affected product with an administrative privilege and perform an unintended operation. • https://jvn.jp/en/vu/JVNVU92106300 • CWE-798: Use of Hard-coded Credentials •
CVSS: 9.0EPSS: 1%CPEs: 4EXPL: 0CVE-2023-27521
https://notcve.org/view.php?id=CVE-2023-27521
23 May 2023 — OS command injection vulnerability in the mail setting page of SolarView Compact SV-CPT-MC310 versions prior to Ver.8.10 and SV-CPT-MC310F versions prior to Ver.8.10 allows remote authenticated attackers to execute an arbitrary OS command. • https://jvn.jp/en/vu/JVNVU92106300 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 9.0EPSS: 0%CPEs: 4EXPL: 0CVE-2022-35239
https://notcve.org/view.php?id=CVE-2022-35239
16 Aug 2022 — The image file management page of SolarView Compact SV-CPT-MC310 Ver.7.23 and earlier, and SV-CPT-MC310F Ver.7.23 and earlier contains an insufficient verification vulnerability when uploading files. If this vulnerability is exploited, arbitrary PHP code may be executed if a remote authenticated attacker uploads a specially crafted PHP file. La página de administración de archivos de imagen de SolarView Compact SV-CPT-MC310 Versiones 7.23 y anteriores, y SV-CPT-MC310F Versiones 7.23 y anteriores, contiene u... • https://jvn.jp/en/vu/JVNVU93696585 • CWE-20: Improper Input Validation •