CVEs-PoC/2021/CVE-2021-20658.md

### [CVE-2021-20658](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20658)
![](https://img.shields.io/static/v1?label=Product&message=SolarView%20Compact&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=SV-CPT-MC310%20prior%20to%20Ver.6.5%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=OS%20Command%20Injection&color=brightgreen)

### Description

SolarView Compact SV-CPT-MC310 prior to Ver.6.5 allows an attacker to execute arbitrary OS commands with the web server privilege via unspecified vectors.

### POC

#### Reference
- https://www.contec.com/jp/api/downloadlogger?download=https://www.contec.com/jp/-/media/contec/jp/support/security-info/contec_security_solarview_210216.pdf

#### Github
- https://github.com/20142995/nuclei-templates
- https://github.com/cyb3r-w0lf/nuclei-template-collection