Published: 2022/05/26 Last Updated: 2022/06/09
JVNVU#92327282
Multiple vulnerabilities in CONTEC SolarView Compact
Overview
SolarView Compact provided by CONTEC CO., LTD. contains multiple vulnerabilities.
Products Affected
CVE-2022-29303
- SV-CPT-MC310 versions prior to Ver.7.21
- SV-CPT-MC310F versions prior to Ver.7.21
- SV-CPT-MC310 versions prior to Ver.6.50
- SV-CPT-MC310F versions prior to Ver.6.50
Description
SolarView Compact provided by CONTEC CO., LTD. is a PV measurement system. SolarView Compact contains the multiple vulnerabilities listed below.
- OS command injection (CWE-78) - CVE-2022-29303
Improper validation of input values on the send test mail console of the product's web server may result in OS command injection.
CVSS v3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Base Score: 8.8
- Directory traversal (CWE-23) - CVE-2022-29298
Improper validation of a URL on the download page of the product's web server may allow a remote attacker to view and obtain an arbitrary file.
CVSS v3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Base Score: 9.8
- Information disclosure (CWE-200) - CVE-2022-29302
A hidden page that allows editing of the product's web server contents exists on the product's web server, and a remote attacker may read and/or alter an arbitrary file on the web server via the hidden page.
CVSS v3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N Base Score: 6.5
Impact
Exploiting these vulnerabilities may result in the impacts listed below.
- An attacker who can access the product settings may execute an arbitrary OS command - CVE-2022-29303
- A remote attacker may obtain an arbitrary file - CVE-2022-29298
- A remote attacker may view and/or alter an arbitrary file on the web server - CVE-2022-29302
Solution
Update the firmware
Update the firmware to the latest version according to the information provided by the developer.
These vulnerabilities have been already addressed in the following firmware versions.
- SV-CPT-MC310 Ver.7.21
- SV-CPT-MC310F Ver.7.21
Applying the following workarounds may mitigate the impacts of these vulnerabilities.
- Disconnect the product from the network if it is used in a standalone environment
- Set up a firewall and run the product behind it
- Deploy the product in a trusted, closed network
- Choose "User authentications required in all menus" under "User authentication target settings" in "User account settings"
- Change default credentials
Vendor Status
Vendor | Link |
CONTEC CO., LTD. | Command injection vulnerability in SolarView Compact (PDF, Text in Japanese) |
SV-CPT-MC310 | firmware (Text in Japanese) |
References
JPCERT/CC Addendum
Vulnerability Analysis by JPCERT/CC
Credit
Update History
- 2022/06/09
- Information under the section [Title], [Overview], [Products Affected], [Description], [Impact], and [Solution] was updated.