GCVE - cpe:2.3:o:contec:solarview_compact_firmware:*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:o:contec:solarview_compact_firmware:*:*:*:*:*:*:*:*

part: o version: * update: *

Vendor	Contec (`12d4c7df-5901-5f24-95ff-bbf411520843`)
Product	Solarview Compact Firmware (`ff3d93e7-2a93-5963-b72a-668f4884adb3`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2023-46509`	vulnerable	2026-06-03 14:53:10.101760	Details available An issue in Contec SolarView Compact v.6.0 and before allows an attacker to execute arbitrary code via the texteditor.php component. Published: 2023-10-27T00:00:00.000Z Updated: 2024-09-12T14:13:31.239Z Open on db.gcve.eu Reference links https://gist.github.com/ATonysan/d6f72e9eb90407d64bed4566aa80afb1#file-cve-2023-46509	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2023-40924`	vulnerable	2026-06-03 14:52:50.752815	Details available SolarView Compact < 6.00 is vulnerable to Directory Traversal. Published: 2023-09-08T00:00:00.000Z Updated: 2024-09-26T17:33:57.476Z Open on db.gcve.eu Reference links https://nvd.nist.gov/vuln/detail/CVE-2023-33620 https://github.com/Yobing1/CVE-2023-40924/blob/main/README.md	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2023-29919`	vulnerable	2026-06-03 14:51:41.464372	Details available SolarView Compact <= 6.0 is vulnerable to Insecure Permissions. Any file on the server can be read or modified because texteditor.php is not restricted. Published: 2023-05-23T00:00:00.000Z Updated: 2025-01-17T18:26:54.116Z Open on db.gcve.eu Reference links https://www.solarview.io/ https://github.com/xiaosed/CVE-2023-29919/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2023-23333`	vulnerable	2026-06-03 14:49:21.251682	Details available There is a command injection vulnerability in SolarView Compact through 6.00, attackers can execute commands by bypassing internal restrictions through downloader.php. Published: 2023-02-06T00:00:00.000Z Updated: 2025-03-26T18:37:27.035Z Open on db.gcve.eu Reference links https://github.com/Timorlover/CVE-2023-23333 http://packetstormsecurity.com/files/174537/SolarView-Compact-6.00-Remote-Command-Execution.html	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.