CVE-2022-35239 - OpenCVE

The image file management page of SolarView Compact SV-CPT-MC310 Ver.7.23 and earlier, and SV-CPT-MC310F Ver.7.23 and earlier contains an insufficient verification vulnerability when uploading files. If this vulnerability is exploited, arbitrary PHP code may be executed if a remote authenticated attacker uploads a specially crafted PHP file.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Contec	Sv-cpt-mc310 Sv-cpt-mc310 Firmware Sv-cpt-mc310f Sv-cpt-mc310f Firmware

Configuration 1 [-]

AND

cpe:2.3:o:contec:sv-cpt-mc310f_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:contec:sv-cpt-mc310f:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:contec:sv-cpt-mc310_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:contec:sv-cpt-mc310:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://jvn.jp/en/vu/JVNVU93696585/
https://www.contec.com/jp/api/downloadlogger?download=/jp/-/media/Contec/jp/support/security-info/contec_security_solarview_220727.pdf
https://www.contec.com/jp/download/donwload-list/?itemid=b28c8b7c-9f40-40b2-843c-b5b04c035b0e#firmware

History

No history.

MITRE

Status: PUBLISHED

Assigner: jpcert

Published: 2022-08-16T07:01:46

Updated: 2024-08-03T09:29:17.446Z

Reserved: 2022-07-21T00:00:00

Link: CVE-2022-35239

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2022-08-16T08:15:08.933

Modified: 2022-08-18T12:16:32.527

Link: CVE-2022-35239

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "SolarView Compact", "vendor": "CONTEC CO., LTD.", "versions": [{"status": "affected", "version": "SV-CPT-MC310 Ver.7.23 and earlier, and SV-CPT-MC310F Ver.7.23 and earlier"}]}], "descriptions": [{"lang": "en", "value": "The image file management page of SolarView Compact SV-CPT-MC310 Ver.7.23 and earlier, and SV-CPT-MC310F Ver.7.23 and earlier contains an insufficient verification vulnerability when uploading files. If this vulnerability is exploited, arbitrary PHP code may be executed if a remote authenticated attacker uploads a specially crafted PHP file."}], "problemTypes": [{"descriptions": [{"description": "Improper Input Validation", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2022-08-16T07:01:46", "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce", "shortName": "jpcert"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://www.contec.com/jp/api/downloadlogger?download=/jp/-/media/Contec/jp/support/security-info/contec_security_solarview_220727.pdf"}, {"tags": ["x_refsource_MISC"], "url": "https://www.contec.com/jp/download/donwload-list/?itemid=b28c8b7c-9f40-40b2-843c-b5b04c035b0e#firmware"}, {"tags": ["x_refsource_MISC"], "url": "https://jvn.jp/en/vu/JVNVU93696585/"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "vultures@jpcert.or.jp", "ID": "CVE-2022-35239", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "SolarView Compact", "version": {"version_data": [{"version_value": "SV-CPT-MC310 Ver.7.23 and earlier, and SV-CPT-MC310F Ver.7.23 and earlier"}]}}]}, "vendor_name": "CONTEC CO., LTD."}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The image file management page of SolarView Compact SV-CPT-MC310 Ver.7.23 and earlier, and SV-CPT-MC310F Ver.7.23 and earlier contains an insufficient verification vulnerability when uploading files. If this vulnerability is exploited, arbitrary PHP code may be executed if a remote authenticated attacker uploads a specially crafted PHP file."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Improper Input Validation"}]}]}, "references": {"reference_data": [{"name": "https://www.contec.com/jp/api/downloadlogger?download=/jp/-/media/Contec/jp/support/security-info/contec_security_solarview_220727.pdf", "refsource": "MISC", "url": "https://www.contec.com/jp/api/downloadlogger?download=/jp/-/media/Contec/jp/support/security-info/contec_security_solarview_220727.pdf"}, {"name": "https://www.contec.com/jp/download/donwload-list/?itemid=b28c8b7c-9f40-40b2-843c-b5b04c035b0e#firmware", "refsource": "MISC", "url": "https://www.contec.com/jp/download/donwload-list/?itemid=b28c8b7c-9f40-40b2-843c-b5b04c035b0e#firmware"}, {"name": "https://jvn.jp/en/vu/JVNVU93696585/", "refsource": "MISC", "url": "https://jvn.jp/en/vu/JVNVU93696585/"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T09:29:17.446Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.contec.com/jp/api/downloadlogger?download=/jp/-/media/Contec/jp/support/security-info/contec_security_solarview_220727.pdf"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.contec.com/jp/download/donwload-list/?itemid=b28c8b7c-9f40-40b2-843c-b5b04c035b0e#firmware"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://jvn.jp/en/vu/JVNVU93696585/"}]}]}, "cveMetadata": {"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce", "assignerShortName": "jpcert", "cveId": "CVE-2022-35239", "datePublished": "2022-08-16T07:01:46", "dateReserved": "2022-07-21T00:00:00", "dateUpdated": "2024-08-03T09:29:17.446Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:contec:sv-cpt-mc310f_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "3A1DA5BF-2724-4D2E-8AB1-A1A6A461CF8E", "versionEndExcluding": "7.24", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:contec:sv-cpt-mc310f:-:*:*:*:*:*:*:*", "matchCriteriaId": "CAC9BA1B-C65A-4EEA-AAD6-88685BC7A4FA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:contec:sv-cpt-mc310_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "4DA921A2-7DC7-4955-A3A7-85AE46ACEE0D", "versionEndExcluding": "7.24", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:contec:sv-cpt-mc310:-:*:*:*:*:*:*:*", "matchCriteriaId": "F9FCCA5E-19F8-47D9-A6C6-77AF2AEFD51A", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The image file management page of SolarView Compact SV-CPT-MC310 Ver.7.23 and earlier, and SV-CPT-MC310F Ver.7.23 and earlier contains an insufficient verification vulnerability when uploading files. If this vulnerability is exploited, arbitrary PHP code may be executed if a remote authenticated attacker uploads a specially crafted PHP file."}, {"lang": "es", "value": "La p\u00e1gina de administraci\u00f3n de archivos de imagen de SolarView Compact SV-CPT-MC310 Versiones 7.23 y anteriores, y SV-CPT-MC310F Versiones 7.23 y anteriores, contiene una vulnerabilidad de verificaci\u00f3n insuficiente cuando son cargados archivos. Si es explotada esta vulnerabilidad, puede ejecutarse c\u00f3digo PHP arbitrario si un atacante remoto autenticado carga un archivo PHP especialmente dise\u00f1ado."}], "id": "CVE-2022-35239", "lastModified": "2022-08-18T12:16:32.527", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-08-16T08:15:08.933", "references": [{"source": "vultures@jpcert.or.jp", "tags": ["Third Party Advisory"], "url": "https://jvn.jp/en/vu/JVNVU93696585/"}, {"source": "vultures@jpcert.or.jp", "tags": ["Vendor Advisory"], "url": "https://www.contec.com/jp/api/downloadlogger?download=/jp/-/media/Contec/jp/support/security-info/contec_security_solarview_220727.pdf"}, {"source": "vultures@jpcert.or.jp", "tags": ["Vendor Advisory"], "url": "https://www.contec.com/jp/download/donwload-list/?itemid=b28c8b7c-9f40-40b2-843c-b5b04c035b0e#firmware"}], "sourceIdentifier": "vultures@jpcert.or.jp", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}]}