Kouichirou Okada

Name of the Vulnerable Software and Affected Versions: M-System DL8 series (type A (DL8-A)) versions prior to Ver3.0 M-System DL8 series (type B (DL8-B)) versions prior to Ver3.0 M-System DL8 series (type C (DL8-C)) versions prior to Ver3.0 M-System DL8 series (type D (DL8-D)) versions prior to Ver3.0 M-System DL8 series (type E (DL8-E)) versions prior to Ver3.0 Description: The issue allows remote authenticated attackers to bypass access restriction and conduct prohibited operations via unspecified vectors. Recommendations: For M-System DL8 series type A (DL8-A) versions prior to Ver3.0, update to Ver3.0 or later. For M-System DL8 series type B (DL8-B) versions prior to Ver3.0, update to Ver3.0 or later. For M-System DL8 series type C (DL8-C) versions prior to Ver3.0, update to Ver3.0 or later. For M-System DL8 series type D (DL8-D) versions prior to Ver3.0, update to Ver3.0 or later. For M-System DL8 series type E (DL8-E) versions prior to Ver3.0, update to Ver3.0 or later.

Name of the Vulnerable Software and Affected Versions: SolarView Compact SV-CPT-MC310 versions prior to Ver.6.5 Description: The issue allows an authenticated attacker to obtain information inside the system, such as directories and/or file configurations, through exposure of information via directory listing. Recommendations: For SolarView Compact SV-CPT-MC310 versions prior to Ver.6.5, update to Ver.6.5 or later to resolve the issue.

Name of the Vulnerable Software and Affected Versions: SolarView Compact SV-CPT-MC310 versions prior to Ver.6.5 Description: The issue allows an authenticated attacker to upload arbitrary files via unspecified vectors. If the uploaded file is a PHP script, the attacker may be able to execute arbitrary code. Recommendations: For SolarView Compact SV-CPT-MC310 versions prior to Ver.6.5, update to Ver.6.5 or later to resolve the issue. As a temporary workaround, consider restricting file upload capabilities to prevent the execution of arbitrary code.

Name of the Vulnerable Software and Affected Versions: SolarView Compact SV-CPT-MC310 versions prior to Ver.6.5 Description: The issue allows an attacker to inject an arbitrary script via unspecified vectors, potentially leading to cross-site scripting. Recommendations: For SolarView Compact SV-CPT-MC310 versions prior to Ver.6.5, update to Ver.6.5 or later to resolve the issue.

Name of the Vulnerable Software and Affected Versions: SolarView Compact SV-CPT-MC310 versions prior to Ver.6.5 Description: The issue allows authenticated attackers to delete arbitrary files and/or directories on the server via unspecified vectors. This is a directory traversal vulnerability. Recommendations: For SolarView Compact SV-CPT-MC310 versions prior to Ver.6.5, update to Ver.6.5 or later to resolve the issue. As a temporary workaround, consider restricting access to sensitive files and directories on the server to minimize the risk of exploitation.