A vulnerability, which was classified as critical, was found in Solare Solar-Log 2.8.4-56/3.5.2-85. This affects an unknown part of the component File Upload. The manipulation leads to privilege escalation. It is possible to initiate the attack remotely. Upgrading to version 3.5.3-86 is able to address this issue. It is recommended to upgrade the affected component.
The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Solar-log_250_firmware | Solar-log | 2.8.4-56 (including) | 2.8.4-56 (including) |
| Solar-log_250_firmware | Solar-log | 3.5.2-85 (including) | 3.5.2-85 (including) |