Published: 2022/07/27  Last Updated: 2022/08/08

JVNVU#93696585
CONTEC SolarView Compact vulnerable to insufficient verification in uploading files

Overview

SolarView Compact provided by CONTEC CO., LTD. contains an insufficient verification vulnerability when uploading files.

Products Affected

  • SolarView Compact
    • SV-CPT-MC310 Ver.7.23 and earlier
    • SV-CPT-MC310F Ver.7.23 and earlier

Description

SolarView Compact provided by CONTEC CO., LTD. is a PV measurement system.
The image file management page of SolarView Compact contains an insufficient verification vulnerability when uploading files (CWE-20).

Impact

Arbitrary PHP code may be executed if a remote authenticated attacker uploads a specially crafted PHP file.
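The weakness class described above (CWE-20 on an image-upload page, where a file that is not really an image reaches the web root and is executed as PHP) comes down to what the upload handler checks before it writes to disk. The following is an added illustration, not CONTEC's code, and it makes no claim about how SolarView Compact itself validates uploads: a deliberately weak validator of the kind that lets a crafted PHP file through, next to a hardened one that keys on the last extension, the file's magic bytes, a size cap, a scan for PHP open tags, and a server-generated filename. The function names, the allowlist and all sample filenames and byte strings are constructed for the example.

```python
"""Weak vs. hardened validation of an 'image' upload (constructed example)."""
import os
import re
import secrets

# Magic bytes of the only formats the hypothetical image page should accept.
IMAGE_SIGNATURES = {
    "png": b"\x89PNG\r\n\x1a\n",
    "jpg": b"\xff\xd8\xff",
    "gif": b"GIF8",  # covers both GIF87a and GIF89a
}
# Extensions a PHP-capable web server might map to the interpreter.
PHP_EXTENSIONS = {"php", "phtml", "php3", "php5", "phar"}


def naive_accept(filename: str, content_type: str, data: bytes) -> bool:
    """Insufficient verification: trusts the client-supplied Content-Type and
    only looks for an image extension *somewhere* in the name, so 'shell.php'
    with a spoofed header, or 'a.jpg.php', both pass."""
    return content_type.startswith("image/") or ".jpg" in filename or ".png" in filename


def hardened_accept(filename: str, data: bytes, max_bytes: int = 2 * 1024 * 1024):
    """Return (accepted, stored_name_or_reason).

    The original name is used only to read the final extension; that extension
    must be on the allowlist, the body must start with the matching magic bytes,
    double extensions are refused outright, PHP open tags anywhere in the body
    are refused (polyglot images), and the stored name is generated server-side
    so the client never controls what lands on disk."""
    if len(data) > max_bytes:
        return False, "too large"
    base = os.path.basename(filename)        # drop any path components
    stem, _, ext = base.rpartition(".")      # split on the LAST dot only
    ext = ext.lower()
    if ext == "jpeg":
        ext = "jpg"
    if not stem or ext not in IMAGE_SIGNATURES:
        return False, "extension not allowed"
    if "." in stem:
        # 'a.php.jpg' may still be a picture, but some server configurations
        # dispatch on the first extension, so refuse any double extension.
        return False, "double extension"
    if not data.startswith(IMAGE_SIGNATURES[ext]):
        return False, "content does not match extension"
    if b"<?php" in data or b"<?=" in data:
        return False, "embedded PHP tag"
    if not re.fullmatch(r"[A-Za-z0-9_-]{1,64}", stem):
        return False, "unexpected characters in name"
    stored = f"{secrets.token_hex(16)}.{ext}"   # client-chosen name never reaches disk
    return True, stored


if __name__ == "__main__":
    samples = [
        ("shell.php", "image/jpeg", b"<?php echo 1; ?>"),
        ("fake.jpg", "image/jpeg", b"<?php echo 1; ?>"),
        ("poly.gif", "image/gif", b"GIF89a<?php echo 1; ?>"),
        ("a.php.jpg", "image/jpeg", b"\xff\xd8\xff\xe0"),
        ("photo.jpg", "image/jpeg", b"\xff\xd8\xff\xe0" + b"\x00" * 16),
    ]
    for name, ctype, body in samples:
        print(f"{name:12} naive={naive_accept(name, ctype, body)!s:5} "
              f"hardened={hardened_accept(name, body)}")
```

The magic-byte and open-tag checks are defence in depth, not a substitute for the vendor's fix: the durable remediation is the firmware update in the Solution section, and the validator above simply shows what "sufficient verification" of an image upload has to cover.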

Solution

Update the firmware
Update the firmware to the latest version according to the information provided by the developer.
This vulnerability has already been addressed in the following firmware versions.

  • SolarView Compact
    • SV-CPT-MC310 Ver.7.24
    • SV-CPT-MC310F Ver.7.24

Apply the workaround
Applying the following workarounds may mitigate the impacts of this vulnerability.
  • Disconnect the product from the network if it is used in a standalone environment
  • Set up a firewall and run the product behind it
  • Configure the product in a trusted, closed network
  • Choose "User authentications required in all menus" under "User authentication target settings" in "User account settings"
  • Change default credentials

JPCERT/CC Addendum

Vulnerability Analysis by JPCERT/CC

CVSS v3 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Base Score: 8.8
Attack Vector (AV): Network (N)
Attack Complexity (AC): Low (L)
Privileges Required (PR): Low (L)
User Interaction (UI): None (N)
Scope (S): Unchanged (U)
Confidentiality Impact (C): High (H)
Integrity Impact (I): High (H)
Availability Impact (A): High (H)

Credit

webray reported this vulnerability to JPCERT/CC.
JPCERT/CC coordinated with the developer.

Other Information

CVE: CVE-2022-35239

Update History

2022/08/08
Information under the section [Credit] was added.