漏洞描述
Contec SolarView Compact 是日本 Contec 公司开发的一款光伏发电测量系统。该漏洞存在于 /texteditor.php 接口中,攻击者可以通过构造恶意请求利用命令注入漏洞,执行任意命令,从而完全控制受影响的系统。
Contec SolarView Compact /texteditor.php 代码执行漏洞(CVE-2023-46509)
PoC代码
暂无相关漏洞推荐
- POC CVE-2022-29298: SolarView Compact 6.00 - Local File Inclusion
- POC CVE-2022-29299: SolarView Compact 6.00 - 'time_begin' Cross-Site Scripting
- POC CVE-2022-29301: SolarView Compact 6.00 - 'pow' Cross-Site Scripting
- POC CVE-2022-29303: SolarView Compact 6.00 - OS Command Injection
- POC CVE-2022-31373: SolarView Compact 6.00 - Cross-Site Scripting
- POC CVE-2022-40881: SolarView 6.00 - Remote Command Execution
- POC CVE-2023-23333: SolarView Compact 6.00 - OS Command Injection
- POC CVE-2023-29919: SolarView Compact <= 6.00 - Local File Inclusion
- POC CVE-2022-29303: SolarView Compact conf_mail.php 远程命令执行漏洞
- POC CVE-2022-40881: SolarView network_test.php 远程命令执行漏洞
- POC CVE-2023-23333: SolarView downloader.php rce
- POC CVE-2023-29919: SolarView Compact <= 6.00 - Local File Inclusion
- POC solarview-compact-xss: SolarView Compact 6.00 - Cross-Site Scripting