Voltronic Power ViewPower updateManagerPassword Exposed Dangerous Method Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of Voltronic Power ViewPower. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the updateManagerPassword method. The issue results from the exposure of a dangerous function. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-22010.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://www.zerodayinitiative.com/advisories/ZDI-23-1880/ |
![]() ![]() ![]() |
History
Wed, 09 Jul 2025 19:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Voltronicpower
Voltronicpower viewpower |
|
CPEs | cpe:2.3:a:voltronicpower:viewpower:1.04.21353:*:*:*:-:*:*:* | |
Vendors & Products |
Voltronicpower
Voltronicpower viewpower |

Status: PUBLISHED
Assigner: zdi
Published: 2024-05-03T02:15:07.769Z
Updated: 2024-08-02T22:40:33.602Z
Reserved: 2023-12-20T20:38:20.867Z
Link: CVE-2023-51574

Updated: 2024-08-02T22:40:33.602Z

Status : Analyzed
Published: 2024-05-03T03:16:16.540
Modified: 2025-07-09T19:04:29.680
Link: CVE-2023-51574

No data.