Known Vulnerabilities for products from Contec
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Contec".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2023-46509 json | An issue in Contec SolarView Compact v.6.0 and before allows an attacker to execute arbitrary code via the texteditor.php com... | 9.8 - CRITICAL | 2023-10-27 | 2023-10-31 |
| CVE-2023-40924 json | SolarView Compact < 6.00 is vulnerable to Directory Traversal. | 7.5 - HIGH | 2023-09-08 | 2023-09-19 |
| CVE-2023-29919 json | SolarView Compact <= 6.0 is vulnerable to Insecure Permissions. Any file on the server can be read or modified because texted... | 9.1 - CRITICAL | 2023-05-23 | 2023-05-30 |
| CVE-2023-29154 json | SQL injection vulnerability exists in the CONPROSYS HMI System (CHS) versions prior to 3.5.3. A user who can access the affec... | 7.2 - HIGH | 2023-06-01 | 2023-06-08 |
| CVE-2023-28824 json | Server-side request forgery vulnerability exists in CONPROSYS HMI System (CHS) versions prior to 3.5.3. A user who can access... | 4.9 - MEDIUM | 2023-06-01 | 2023-06-08 |
| CVE-2023-28713 json | Plaintext storage of a password exists in CONPROSYS HMI System (CHS) versions prior to 3.5.3. Because account information of ... | 8.1 - HIGH | 2023-06-01 | 2023-06-08 |
| CVE-2023-28657 json | Improper access control vulnerability exists in CONPROSYS HMI System (CHS) versions prior to 3.5.3. A user of the PC where th... | 8.8 - HIGH | 2023-06-01 | 2023-06-08 |
| CVE-2023-28651 json | Cross-site scripting vulnerability exists in CONPROSYS HMI System (CHS) versions prior to 3.5.3. If a user who can access the... | 4.8 - MEDIUM | 2023-06-01 | 2023-06-08 |
| CVE-2023-28399 json | Incorrect permission assignment for critical resource exists in CONPROSYS HMI System (CHS) versions prior to 3.5.3. ACL (Acce... | 7.8 - HIGH | 2023-06-01 | 2023-06-08 |
| CVE-2023-27920 json | Improper access control vulnerability in the system date/time setting page of SolarView Compact SV-CPT-MC310 versions prior t... | 4.3 - MEDIUM | 2023-05-23 | 2023-05-30 |
| CVE-2023-27917 json | OS command injection vulnerability in CONPROSYS IoT Gateway products allows a remote authenticated attacker who can access Ne... | 8.8 - HIGH | 2023-04-11 | 2023-04-18 |
| CVE-2023-27521 json | OS command injection vulnerability in the mail setting page of SolarView Compact SV-CPT-MC310 versions prior to Ver.8.10 and ... | 8.8 - HIGH | 2023-05-23 | 2023-05-30 |
| CVE-2023-27518 json | Buffer overflow vulnerability in the multiple setting pages of SolarView Compact SV-CPT-MC310 versions prior to Ver.8.10 and ... | 8.8 - HIGH | 2023-05-23 | 2023-05-30 |
| CVE-2023-27514 json | OS command injection vulnerability in the download page of SolarView Compact SV-CPT-MC310 versions prior to Ver.8.10 and SV-C... | 8.8 - HIGH | 2023-05-23 | 2023-05-30 |
| CVE-2023-27512 json | Use of hard-coded credentials exists in SolarView Compact SV-CPT-MC310 versions prior to Ver.8.10, and SV-CPT-MC310F versions... | 7.2 - HIGH | 2023-05-23 | 2023-05-30 |
| CVE-2023-27389 json | Inadequate encryption strength vulnerability in CONPROSYS IoT Gateway products allows a remote authenticated attacker with an... | 7.2 - HIGH | 2023-04-11 | 2023-04-18 |
| CVE-2023-23575 json | Improper access control vulnerability in CONPROSYS IoT Gateway products allows a remote authenticated attacker to bypass acce... | 4.3 - MEDIUM | 2023-04-11 | 2023-04-18 |
| CVE-2023-23333 json | There is a command injection vulnerability in SolarView Compact through 6.00, attackers can execute commands by bypassing int... | 9.8 - CRITICAL | 2023-02-06 | 2023-09-06 |
| CVE-2023-22373 json | Cross-site scripting vulnerability in CONPROSYS HMI System (CHS) Ver.3.4.5 and earlier allows a remote authenticated attacker... | 5.4 - MEDIUM | 2023-01-20 | 2023-01-26 |
| CVE-2023-22339 json | Improper access control vulnerability in CONPROSYS HMI System (CHS) Ver.3.4.5 and earlier allows a remote unauthenticated att... | 7.5 - HIGH | 2023-01-20 | 2023-01-26 |