CVE-2023-23333

Critical

There is a command injection vulnerability in SolarView Compact through 6.00, attackers can execute commands by bypassing internal…

mitre·CWE-77·Published 2023-02-06

CVSS

9.8

EPSS

0.99

KEV

Exploits

cve.orgen

167 chars

There is a command injection vulnerability in SolarView Compact through 6.00, attackers can execute commands by bypassing internal restrictions through downloader.php.

NVDen

167 chars

There is a command injection vulnerability in SolarView Compact through 6.00, attackers can execute commands by bypassing internal restrictions through downloader.php.

Existe una vulnerabilidad de inyección de comandos en SolarView Compact hasta la versión 6.00, los atacantes pueden ejecutar comandos eludiendo las restricciones internas a través de downloader.php.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
3.1	Primary	cve.org	9.8	—	—	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
3.1	Primary	NVD	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
3.1	Primary	cve.org	9.8	—	—	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
3.1	Secondary	NVD	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H