226 matches found
CVE-2023-51579 Voltronic Power ViewPower Incorrect Permission Assignment Local Privilege Escalation Vulnerability
Voltronic Power ViewPower Incorrect Permission Assignment Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Voltronic Power ViewPower. An attacker must first obtain the ability to execute low-privileged code on...
CVE-2023-51578 Voltronic Power ViewPower MonitorConsole Exposed Dangerous Method Denial-of-Service Vulnerability
Voltronic Power ViewPower MonitorConsole Exposed Dangerous Method Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Voltronic Power ViewPower. Authentication is not required to exploit this vulnerabilit...
CVE-2023-51577
Voltronic Power ViewPower contains a local privilege escalation in the setShutdown method. The flaw arises from an exposed dangerous method that allows a low-privileged attacker who can run code locally to escalate to SYSTEM and execute arbitrary code. This is documented across multiple sources (...
CVE-2023-51577 Voltronic Power ViewPower setShutdown Exposed Dangerous Method Local Privilege Escalation Vulnerability
Voltronic Power ViewPower setShutdown Exposed Dangerous Method Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Voltronic Power ViewPower. An attacker must first obtain the ability to execute low-privileged cod...
CVE-2023-51578 Voltronic Power ViewPower MonitorConsole Exposed Dangerous Method Denial-of-Service Vulnerability
Voltronic Power ViewPower MonitorConsole Exposed Dangerous Method Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Voltronic Power ViewPower. Authentication is not required to exploit this vulnerabilit...
CVE-2023-51577 Voltronic Power ViewPower setShutdown Exposed Dangerous Method Local Privilege Escalation Vulnerability
Voltronic Power ViewPower setShutdown Exposed Dangerous Method Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Voltronic Power ViewPower. An attacker must first obtain the ability to execute low-privileged cod...
CVE-2023-51578
CVE-2023-51578 affects Voltronic Power ViewPower MonitorConsole. The flaw is an exposed dangerous method in the MonitorConsole class enabling remote DoS without authentication. Public sources (ZDI-23-1884) confirm the issue, but no concrete remediation/version fix is provided in the connected doc...
CVE-2023-51576 Voltronic Power ViewPower Deserialization of Untrusted Data Remote Code Execution Vulnerability
Voltronic Power ViewPower Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Voltronic Power ViewPower. Authentication is not required to exploit this vulnerability. The specific...
CVE-2023-51576
Summary: CVE-2023-51576 affects Voltronic Power ViewPower. The vulnerability exists in the RMI interface listening by default on TCP port 51099 and stems from improper validation of user-supplied data, allowing deserialization of untrusted data and resulting in remote code execution in the contex...
CVE-2023-51575 Voltronic Power ViewPower MonitorConsole Exposed Dangerous Method Remote Code Execution Vulnerability
Voltronic Power ViewPower MonitorConsole Exposed Dangerous Method Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Voltronic Power ViewPower. Authentication is not required to exploit this vulnerability. The...
CVE-2023-51575
CVE-2023-51575 concerns Voltronic Power ViewPower MonitorConsole, where an exposed dangerous method in the MonitorConsole class enables remote code execution with no authentication. Documents confirm RCE context and lack of required privileges, affecting Voltronic Power ViewPower installations, b...
CVE-2023-51574 Voltronic Power ViewPower updateManagerPassword Exposed Dangerous Method Authentication Bypass Vulnerability
Voltronic Power ViewPower updateManagerPassword Exposed Dangerous Method Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of Voltronic Power ViewPower. Authentication is not required to exploit this vulnerability. T...
CVE-2023-51574 Voltronic Power ViewPower updateManagerPassword Exposed Dangerous Method Authentication Bypass Vulnerability
Voltronic Power ViewPower updateManagerPassword Exposed Dangerous Method Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of Voltronic Power ViewPower. Authentication is not required to exploit this vulnerability. T...
CVE-2023-51574
CVE-2023-51574 — Voltronic Power ViewPower authentication bypass . Affected software: Voltronic Power ViewPower (monitoring/management software for solar inverters). Vulnerability: The flaw exists in the updateManagerPassword method where a dangerous function is exposed, enabling remote attackers...
Voltronic Power ViewPower 安全漏洞
Voltronic Power ViewPower is Voltronic Power's monitoring and management software for solar inverters. A remote code execution vulnerability exists in Voltronic Power ViewPower, which can be exploited by an attacker to execute code in the context of the current user...
Voltronic Power ViewPower 安全漏洞
Voltronic Power ViewPower is Voltronic Power's monitoring and management software for solar inverters. A remote code execution vulnerability exists in Voltronic Power ViewPower Pro, which is caused by a lack of proper validation of user-supplied data. An attacker can exploit the vulnerability to...
Voltronic Power ViewPower 安全漏洞
Voltronic Power ViewPower is Voltronic Power's monitoring and management software for solar inverters. Voltronic Power ViewPower suffers from an information disclosure vulnerability that is caused by a lack of authentication before allowing access to functionality. An attacker could exploit the...
Voltronic Power ViewPower 安全漏洞
Voltronic Power ViewPower is Voltronic Power's monitoring and management software for solar inverters. Voltronic Power ViewPower suffers from a remote code execution vulnerability that stems from a specific flaw in the LinuxMonitorConsole class, which can be exploited by an attacker to execute co...
Voltronic Power ViewPower 安全漏洞
Voltronic Power ViewPower is Voltronic Power's monitoring and management software for solar inverters. Voltronic Power ViewPower Pro suffers from a SQL injection vulnerability that is caused by failing to properly validate a user-supplied string before constructing a SQL query using it. An attack...
Voltronic Power ViewPower 安全漏洞
Voltronic Power ViewPower is Voltronic Power's monitoring and management software for solar inverters. A remote code execution vulnerability exists in Voltronic Power ViewPower Pro, which can be exploited by an attacker to execute code in the context of LOCAL SERVICE...