226 matches found
CVE-2023-51579 Voltronic Power ViewPower Incorrect Permission Assignment Local Privilege Escalation Vulnerability
Voltronic Power ViewPower Incorrect Permission Assignment Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Voltronic Power ViewPower. An attacker must first obtain the ability to execute low-privileged code on...
CVE-2023-51578 Voltronic Power ViewPower MonitorConsole Exposed Dangerous Method Denial-of-Service Vulnerability
Voltronic Power ViewPower MonitorConsole Exposed Dangerous Method Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Voltronic Power ViewPower. Authentication is not required to exploit this vulnerabilit...
CVE-2023-51578
CVE-2023-51578 affects Voltronic Power ViewPower MonitorConsole. The flaw is an exposed dangerous method in the MonitorConsole class enabling remote DoS without authentication. Public sources (ZDI-23-1884) confirm the issue, but no concrete remediation/version fix is provided in the connected doc...
CVE-2023-51577
Voltronic Power ViewPower contains a local privilege escalation in the setShutdown method. The flaw arises from an exposed dangerous method that allows a low-privileged attacker who can run code locally to escalate to SYSTEM and execute arbitrary code. This is documented across multiple sources (...
CVE-2023-51577 Voltronic Power ViewPower setShutdown Exposed Dangerous Method Local Privilege Escalation Vulnerability
Voltronic Power ViewPower setShutdown Exposed Dangerous Method Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Voltronic Power ViewPower. An attacker must first obtain the ability to execute low-privileged cod...
CVE-2023-51578 Voltronic Power ViewPower MonitorConsole Exposed Dangerous Method Denial-of-Service Vulnerability
Voltronic Power ViewPower MonitorConsole Exposed Dangerous Method Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Voltronic Power ViewPower. Authentication is not required to exploit this vulnerabilit...
CVE-2023-51577 Voltronic Power ViewPower setShutdown Exposed Dangerous Method Local Privilege Escalation Vulnerability
Voltronic Power ViewPower setShutdown Exposed Dangerous Method Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Voltronic Power ViewPower. An attacker must first obtain the ability to execute low-privileged cod...
CVE-2023-51576
Summary: CVE-2023-51576 affects Voltronic Power ViewPower. The vulnerability exists in the RMI interface listening by default on TCP port 51099 and stems from improper validation of user-supplied data, allowing deserialization of untrusted data and resulting in remote code execution in the contex...
CVE-2023-51576 Voltronic Power ViewPower Deserialization of Untrusted Data Remote Code Execution Vulnerability
Voltronic Power ViewPower Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Voltronic Power ViewPower. Authentication is not required to exploit this vulnerability. The specific...
CVE-2023-51575
CVE-2023-51575 concerns Voltronic Power ViewPower MonitorConsole, where an exposed dangerous method in the MonitorConsole class enables remote code execution with no authentication. Documents confirm RCE context and lack of required privileges, affecting Voltronic Power ViewPower installations, b...
CVE-2023-51575 Voltronic Power ViewPower MonitorConsole Exposed Dangerous Method Remote Code Execution Vulnerability
Voltronic Power ViewPower MonitorConsole Exposed Dangerous Method Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Voltronic Power ViewPower. Authentication is not required to exploit this vulnerability. The...
CVE-2023-51574
CVE-2023-51574 — Voltronic Power ViewPower authentication bypass . Affected software: Voltronic Power ViewPower (monitoring/management software for solar inverters). Vulnerability: The flaw exists in the updateManagerPassword method where a dangerous function is exposed, enabling remote attackers...
CVE-2023-51574 Voltronic Power ViewPower updateManagerPassword Exposed Dangerous Method Authentication Bypass Vulnerability
Voltronic Power ViewPower updateManagerPassword Exposed Dangerous Method Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of Voltronic Power ViewPower. Authentication is not required to exploit this vulnerability. T...
CVE-2023-51574 Voltronic Power ViewPower updateManagerPassword Exposed Dangerous Method Authentication Bypass Vulnerability
Voltronic Power ViewPower updateManagerPassword Exposed Dangerous Method Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of Voltronic Power ViewPower. Authentication is not required to exploit this vulnerability. T...
Voltronic Power ViewPower 安全漏洞
Voltronic Power ViewPower is Voltronic Power's monitoring and management software for solar inverters. Voltronic Power ViewPower Pro suffers from an XML external entity injection vulnerability that can be exploited by attackers to disclose sensitive information...
Voltronic Power ViewPower 安全漏洞
Voltronic Power ViewPower is Voltronic Power's monitoring and management software for solar inverters. Voltronic Power ViewPower suffers from an elevation of privilege vulnerability that is caused by incorrect permissions being set on a folder. An attacker could use this vulnerability to escalate...
Voltronic Power ViewPower 安全漏洞
Voltronic Power ViewPower is Voltronic Power's monitoring and management software for solar inverters. An elevation of privilege vulnerability exists in Voltronic Power ViewPower, which can be exploited by an attacker to escalate privileges and execute arbitrary code in the SYSTEM context...
Voltronic Power ViewPower 安全漏洞
Voltronic Power ViewPower is Voltronic Power's monitoring and management software for solar inverters. A remote code execution vulnerability exists in Voltronic Power ViewPower, which stems from a specific flaw in the MonitorConsole class that can be exploited by an attacker to execute arbitrary...
Voltronic Power ViewPower 安全漏洞
Voltronic Power ViewPower is Voltronic Power's monitoring and management software for solar inverters. A security bypass vulnerability exists in Voltronic Power ViewPower that stems from a specific flaw in the updateManagerPassword method, which can be exploited by an attacker to bypass...
Voltronic Power ViewPower 安全漏洞
Voltronic Power ViewPower is Voltronic Power's monitoring and management software for solar inverters. An elevation of privilege vulnerability exists in Voltronic Power ViewPower Pro due to hard-coded database credentials. An attacker can exploit the vulnerability to escalate privileges and execu...