Voltronic Power ViewPower through 1.04-24215, ViewPower Pro through 2.0-22165, and PowerShield Netguard before 1.04-23292 allows a remote attacker to run arbitrary code via an unspecified web interface related to detection of a managed UPS shutting down. An unauthenticated attacker can use this to run arbitrary code immediately regardless of any managed UPS state or presence.
History

Sat, 23 Aug 2025 11:00:00 +0000

Type Values Removed Values Added
First Time appeared Voltronic Power
Voltronic Power viewpower Pro
Voltronicpower
Voltronicpower viewpower
Vendors & Products Voltronic Power
Voltronic Power viewpower Pro
Voltronicpower
Voltronicpower viewpower

Fri, 22 Aug 2025 21:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-749
CWE-94
Metrics cvssV3_1

{'score': 10, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H'}

ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Fri, 22 Aug 2025 19:45:00 +0000

Type Values Removed Values Added
Description Voltronic Power ViewPower through 1.04-24215, ViewPower Pro through 2.0-22165, and PowerShield Netguard before 1.04-23292 allows a remote attacker to run arbitrary code via an unspecified web interface related to detection of a managed UPS shutting down. An unauthenticated attacker can use this to run arbitrary code immediately regardless of any managed UPS state or presence.
References

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2025-08-22T00:00:00.000Z

Updated: 2025-08-22T20:21:36.170Z

Reserved: 2022-05-23T00:00:00.000Z

Link: CVE-2022-31491

cve-icon Vulnrichment

Updated: 2025-08-22T20:17:24.825Z

cve-icon NVD

Status : Received

Published: 2025-08-22T20:15:31.573

Modified: 2025-08-22T21:15:29.320

Link: CVE-2022-31491

cve-icon Redhat

No data.