[Japanese]

JVNDB-2022-001923

Multiple vulnerabilities in CONTEC SolarView Compact

Overview

SolarView Compact provided by CONTEC CO., LTD. is PV Measurement System. SolarView Compact contains multiple vulnerabilities listed below.

OS command injection (CWE-78) - CVE-2022-29303
Improper validation of input values on the send test mail console of the product's web server may result in OS command injection.

Directory traversal (CWE-23) - CVE-2022-29298
Improper validation of a URL on the download page of the product's web server may allow a remote attacker to view and obtain an arbitrary file.

Information disclosure (CWE-200) - CVE-2022-29302
The hidden page which enables to edit the product's web server contents exists in the product's web server, and a remote attacker to read and/or alter an arbitrary file on the web server via the hidden page.
CVSS Severity (What is CVSS?)



CVSS V3 Severity:
Base Metrics8.8 (High) [IPA Score]
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: Low
  • User Interaction: None
  • Scope: Unchanged
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High
The above CVSS base scores have been assigned for CVE-2022-29303


CVSS V3 Severity:
Base Metrics9.8 (Critical) [IPA Score]
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High
The above CVSS base scores have been assigned for CVE-2022-29298


CVSS V3 Severity:
Base Metrics6.5 (Medium) [IPA Score]
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
  • Confidentiality Impact: Low
  • Integrity Impact: Low
  • Availability Impact: None
The above CVSS base scores have been assigned for CVE-2022-29302
Affected Products


Contec
  • SolarView Compact SV-CPT-MC310 versions prior to Ver.6.50 (CVE-2022-29298, CVE-2022-29302)
  • SolarView Compact SV-CPT-MC310 versions prior to Ver.7.21 (CVE-2022-29303)
  • SolarView Compact SV-CPT-MC310F versions prior to Ver.6.50 (CVE-2022-29298, CVE-2022-29302)
  • SolarView Compact SV-CPT-MC310F versions prior to Ver.7.21 (CVE-2022-29303)

Impact

Exploiting these vulnerabilities may result in the impacts listed below.

* An attacker who can access the product settings may execute an arbitrary OS command - CVE-2022-29303
* A remote attacker may obtain an arbitrary file - CVE-2022-29298
* A remote attacker may view and/or altered an arbitrary file on the web server - CVE-2022-29302
Solution

[Update the firmware]
Update the firmware to the latest version according to the information provided by the developer.
These vulnerabilities have been already addressed in the following firmware versions.

* SV-CPT-MC310 Ver.7.21
* SV-CPT-MC310F Ver.7.21

[Apply the workaround]
Applying the following workarounds may mitigate the impacts of these vulnerabilities.
* Disconnect from network if the product being used in the standalone environment
* Setup a firewall and run the product behind it
* Configure the product in the trusted and closed network
* Choose "User authentications required in all menus" under "User authentication target settings" in "User account settings"
* Change default credentials
Vendor Information

Contec
CWE (What is CWE?)

  1. OS Command Injection(CWE-78) [Other]
  2. Relative Path Traversal(CWE-23) [Other]
  3. Information Exposure(CWE-200) [Other]
CVE (What is CVE?)

  1. CVE-2022-29303
  2. CVE-2022-29298
  3. CVE-2022-29302
References

  1. JVN : JVNVU#92327282
Revision History

  • [2022/05/27]
      Web page was published
  • [2022/06/10]
      Title was modified
      Description was modified
      CVSS Severity was modified
      Impact was modified 
      Solution was modified 
      Affected Products were modified
      References : Contents were added
      CWE : Contents were added