PT-2021-14121 · Unknown · Solarview Compact Sv-Cpt-Mc310

Katsunari Yoshioka

Published

2021-02-24

Updated

2021-03-01

CVE-2021-20661

CVSS v3.1

8.1

High

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

Name of the Vulnerable Software and Affected Versions: SolarView Compact SV-CPT-MC310 versions prior to Ver.6.5

Description: The issue allows authenticated attackers to delete arbitrary files and/or directories on the server via unspecified vectors. This is a directory traversal vulnerability.

Recommendations: For SolarView Compact SV-CPT-MC310 versions prior to Ver.6.5, update to Ver.6.5 or later to resolve the issue. As a temporary workaround, consider restricting access to sensitive files and directories on the server to minimize the risk of exploitation.

Fix

Path traversal

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-22

Related Identifiers

CVE-2021-20661

Affected Products

Solarview Compact Sv-Cpt-Mc310

PT-2021-14121 · Unknown · Solarview Compact Sv-Cpt-Mc310

CVE-2021-20661

Weakness Enumeration

Related Identifiers

Affected Products

References · 7