Lucene search
K

100 matches found

CNVD
CNVD
added 2023/12/25 12:0 a.m.5 views

Voltronic Power ViewPower Remote Code Execution Vulnerability (CNVD-2025-2160197)

Voltronic Power ViewPower is Voltronic Power's monitoring and management software for solar inverters. A remote code execution vulnerability exists in Voltronic Power ViewPower Pro, which can be exploited by an attacker to execute code in the context of LOCAL SERVICE...

9.8CVSS9.8AI score0.01603EPSS
Exploits0References1
CNVD
CNVD
added 2023/12/25 12:0 a.m.2 views

Voltronic Power ViewPower Remote Code Execution Vulnerability (CNVD-2025-2159801)

Voltronic Power ViewPower is Voltronic Power's monitoring and management software for solar inverters. A remote code execution vulnerability exists in Voltronic Power ViewPower Pro, which is caused by a lack of proper validation of user-supplied data. An attacker can exploit the vulnerability to...

9.8CVSS9.7AI score0.01483EPSS
Exploits0References1
CNVD
CNVD
added 2023/12/25 12:0 a.m.3 views

Voltronic Power ViewPower Remote Code Execution Vulnerability (CNVD-2025-2160098)

Voltronic Power ViewPower is Voltronic Power's monitoring and management software for solar inverters. A remote code execution vulnerability exists in Voltronic Power ViewPower Pro, which is caused by failing to properly validate a user-supplied string before executing a system call with it. An...

9.8CVSS9.7AI score0.38423EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2023/12/20 12:0 a.m.29 views

(0Day) Voltronic Power ViewPower Pro selectDeviceListBy SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Voltronic Power ViewPower Pro. Authentication is not required to exploit this vulnerability. The specific flaw exists within the selectDeviceListBy method. The issue results from the lack of proper...

9.8CVSS8.1AI score0.48168EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
added 2023/12/20 12:0 a.m.24 views

(0Day) Voltronic Power ViewPower Pro getMacAddressByIp Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Voltronic Power ViewPower Pro. Authentication is not required to exploit this vulnerability. The specific flaw exists within the getMacAddressByIP function. The issue results from the lack of proper...

9.8CVSS7.6AI score0.38423EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2023/12/20 12:0 a.m.6 views

PT-2023-8159 · Voltronic Power · Voltronic Power Viewpower

Name of the Vulnerable Software and Affected Versions: Voltronic Power ViewPower Pro affected versions not specified Description: The issue is related to the lack of authentication in the SocketService module of Voltronic Power ViewPower Pro, allowing remote attackers to create a denial-of-servic...

7.8CVSS7.5AI score0.00667EPSS
Exploits0References8
Zero Day Initiative
Zero Day Initiative
added 2023/12/20 12:0 a.m.30 views

(0Day) Voltronic Power ViewPower Pro Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Voltronic Power ViewPower Pro. Authentication is not required to exploit this vulnerability. The specific flaw exists within the RMI interface, which listens on TCP port 41009 by default. The issue...

9.8CVSS7.8AI score0.0104EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
added 2023/12/20 12:0 a.m.19 views

(0Day) Voltronic Power ViewPower Pro doDocument XML External Entity Processing Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Voltronic Power ViewPower Pro. Authentication is not required to exploit this vulnerability. The specific flaw exists within the doDocument method. Due to the improper restriction of XML...

6.5CVSS6.5AI score0.01108EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2023/12/20 12:0 a.m.7 views

PT-2023-8167 · Voltronic Power · Voltronic Power Viewpower

Name of the Vulnerable Software and Affected Versions: Voltronic Power ViewPower Pro affected versions not specified Description: The issue is related to the selectDeviceListBy method of the Voltronic Power ViewPower Pro software, which does not properly validate user-supplied input for SQL...

10CVSS8AI score0.48168EPSS
Exploits0References8
Zero Day Initiative
Zero Day Initiative
added 2023/12/20 12:0 a.m.18 views

(0Day) Voltronic Power ViewPower Pro SocketService Missing Authentication Denial-of-Service Vulnerability

This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Voltronic Power ViewPower Pro. Authentication is not required to exploit this vulnerability. The specific flaw exists within the SocketService module, which listens on UDP port 41222 by...

7.5CVSS7.1AI score0.00667EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2023/12/20 12:0 a.m.4 views

PT-2023-8175 · Voltronic Power · Voltronic Power Viewpower

Name of the Vulnerable Software and Affected Versions: Voltronic Power ViewPower affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations of Voltronic Power ViewPower Pro. The specific flaw exists within the shutdown metho...

10CVSS7.4AI score0.01127EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2023/12/20 12:0 a.m.7 views

PT-2023-8171 · Oracle +1 · Mysql Server +1

Name of the Vulnerable Software and Affected Versions: Voltronic Power ViewPower Pro affected versions not specified Description: This issue allows local attackers to escalate privileges on affected installations. The flaw exists within the configuration of a MySQL instance, resulting from...

7.8CVSS7.4AI score0.00234EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2023/12/20 12:0 a.m.5 views

PT-2023-8158 · Voltronic Power · Voltronic Power Viewpower

Name of the Vulnerable Software and Affected Versions: Voltronic Power ViewPower Pro affected versions not specified Description: This issue allows remote attackers to bypass authentication on affected installations of Voltronic Power ViewPower Pro. The specific flaw exists within the...

10CVSS9.5AI score0.45744EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added 2023/12/20 12:0 a.m.7 views

PT-2023-8157 · Voltronic Power · Voltronic Power Viewpower

Name of the Vulnerable Software and Affected Versions: Voltronic Power ViewPower Pro affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations of Voltronic Power ViewPower Pro. Authentication is not required to exploit this...

9.8CVSS9.8AI score0.0104EPSS
Exploits0References10
Zero Day Initiative
Zero Day Initiative
added 2023/12/20 12:0 a.m.25 views

(0Day) Voltronic Power ViewPower Pro Expression Language Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Voltronic Power ViewPower Pro. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Struts2 dependency. The issue results from the use of a library that i...

9.8CVSS8AI score0.01603EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
added 2023/12/20 12:0 a.m.27 views

(0Day) Voltronic Power ViewPower Pro updateManagerPassword Exposed Dangerous Function Authentication Bypass Vulnerability

This vulnerability allows remote attackers to bypass authentication on affected installations of Voltronic Power ViewPower Pro. Authentication is not required to exploit this vulnerability. The specific flaw exists within the updateManagerPassword function. The issue results from the exposure of ...

9.8CVSS7.2AI score0.45744EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2023/12/20 12:0 a.m.8 views

PT-2023-8170 · Voltronic Power · Voltronic Power Viewpower

Name of the Vulnerable Software and Affected Versions: Voltronic Power ViewPower Pro affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations of Voltronic Power ViewPower Pro. Authentication is not required to exploit this...

10CVSS7.7AI score0.01483EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2023/12/20 12:0 a.m.5 views

PT-2023-8160 · Voltronic Power · Voltronic Power Viewpower

Name of the Vulnerable Software and Affected Versions: Voltronic Power ViewPower Pro affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations of Voltronic Power ViewPower Pro. Authentication is not required to exploit this...

10CVSS9.8AI score0.38423EPSS
Exploits0References14
Positive Technologies
Positive Technologies
added 2023/12/20 12:0 a.m.9 views

PT-2023-8168 · Voltronic Power +1 · Voltronic Power Viewpower +1

Name of the Vulnerable Software and Affected Versions: Voltronic Power ViewPower Pro affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations of Voltronic Power ViewPower Pro. Authentication is not required to exploit this...

10CVSS7.9AI score0.01603EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2023/12/20 12:0 a.m.5 views

PT-2023-8172 · Voltronic Power · Voltronic Power Viewpower

Name of the Vulnerable Software and Affected Versions: Voltronic Power ViewPower Pro affected versions not specified Description: The issue is related to the selectEventConfig method in Voltronic Power ViewPower Pro, which lacks proper validation of user-supplied strings used to construct SQL...

9.8CVSS8.2AI score0.01331EPSS
Exploits0References9
Rows per page
Query Builder