1. Home
  2. Mapping Frameworks
  3. Known Exploited Vulnerabilities Home
  4. SolarView Compact Command Injection Vulnerability

Known Exploited Vulnerabilities CVE-2022-29303 Mappings

SolarView Compact ver.6.00 was discovered to contain a command injection vulnerability via conf_mail.php.

Mappings

Capability ID Capability Description Mapping Type ATT&CK ID ATT&CK Name Notes
CVE-2022-29303 SolarView Compact Command Injection Vulnerability secondary_impact T1496 Resource Hijacking
Comments
CVE-2022-29303 is a command injection vulnerability within a PHP component in the product's web server. Reports indicate that the vulnerability have been exploited by operators of Mirai botnet malware.
References
  1. https://vulncheck.com/blog/solarview-exploitation
  2. https://unit42.paloaltonetworks.com/mirai-variant-targets-iot-exploits/
CVE-2022-29303 SolarView Compact Command Injection Vulnerability primary_impact T1059 Command and Scripting Interpreter
Comments
CVE-2022-29303 is a command injection vulnerability within a PHP component in the product's web server. Reports indicate that the vulnerability have been exploited by operators of Mirai botnet malware.
References
  1. https://vulncheck.com/blog/solarview-exploitation
  2. https://unit42.paloaltonetworks.com/mirai-variant-targets-iot-exploits/
CVE-2022-29303 SolarView Compact Command Injection Vulnerability exploitation_technique T1505 Server Software Component
Comments
CVE-2022-29303 is a command injection vulnerability within a PHP component in the product's web server. Reports indicate that the vulnerability have been exploited by operators of Mirai botnet malware.
References
  1. https://vulncheck.com/blog/solarview-exploitation
  2. https://unit42.paloaltonetworks.com/mirai-variant-targets-iot-exploits/