CVE-2021-20661

HIGH

SolarView Compact SV-CPT-MC310 <6.5 - Path Traversal

Title source: llm

Description

Directory traversal vulnerability in SolarView Compact SV-CPT-MC310 prior to Ver.6.5 allows authenticated attackers to delete arbitrary files and/or directories on the server via unspecified vectors.

References (3)

Core 3

Core References

Vendor Advisory x_refsource_misc

https://www.contec.com/jp/api/downloadlogger?download=https://www.contec.com/jp/-/media/contec/jp/support/security-info/contec_security_solarview_210216.pdf

Vendor Advisory x_refsource_misc

https://www.contec.com/jp/download/contract/contract2/?itemid=b28c8b7c-9f40-40b2-843c-b5b04c035b0e&downloaditemid=fa248fba-8901-4d9e-8212-b139f2defbdf

Third Party Advisory x_refsource_misc

https://jvn.jp/en/jp/JVN37417423/index.html

Scores

CVSS v3 8.1

EPSS 0.0239

EPSS Percentile 81.8%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

Details

CWE

CWE-22

Status published

Products (1)

contec/sv-cpt-mc310_firmware < 6.5

Published Feb 24, 2021

Tracked Since Feb 18, 2026