module
SolarView Compact unauthenticated remote command execution vulnerability.
| Disclosed |
|---|
| May 15, 2023 |
Disclosed
May 15, 2023
Description
CONTEC's SolarView Series enables you to monitor and visualize solar power and is only available in Japan.
This module exploits a command injection vulnerability on the SolarView Compact `v6.00` web application
via vulnerable endpoint `downloader.php`.
After exploitation, an attacker will have full access with the same user privileges under
which the webserver is running (typically as user `contec`).
This module exploits a command injection vulnerability on the SolarView Compact `v6.00` web application
via vulnerable endpoint `downloader.php`.
After exploitation, an attacker will have full access with the same user privileges under
which the webserver is running (typically as user `contec`).
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.