Takayuki Sasak

Name of the Vulnerable Software and Affected Versions: SolarView Compact SV-CPT-MC310 versions prior to Ver.6.5 Description: The issue allows an authenticated attacker to obtain and/or alter the setting information without the access privilege via unspecified vectors. This is due to an improper access control vulnerability. Recommendations: For SolarView Compact SV-CPT-MC310 versions prior to Ver.6.5, update to Ver.6.5 or later to resolve the issue. As a temporary workaround, consider restricting access to setting information to minimize the risk of exploitation.

Name of the Vulnerable Software and Affected Versions: SolarView Compact SV-CPT-MC310 versions prior to Ver.6.5 Description: The issue allows an attacker to execute arbitrary OS commands with the web server privilege via unspecified vectors. Recommendations: For SolarView Compact SV-CPT-MC310 versions prior to Ver.6.5, update to Ver.6.5 or later to resolve the issue.