Arbitrary File Upload and Remote Code Execution in SolarView Compact SV-CPT-MC310

Arbitrary File Upload and Remote Code Execution in SolarView Compact SV-CPT-MC310

CVE-2021-20659 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

SolarView Compact SV-CPT-MC310 prior to Ver.6.5 allows an authenticated attacker to upload arbitrary files via unspecified vectors. If the file is PHP script, an attacker may execute arbitrary code.

Learn more about our Web Application Penetration Testing UK.