Voltronic Power ViewPower UpsScheduler Exposed Dangerous Method Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Voltronic Power ViewPower. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the UpsScheduler class. The issue results from an exposed dangerous method. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-22036.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://www.zerodayinitiative.com/advisories/ZDI-23-1888/ |
![]() ![]() ![]() |
History
Wed, 09 Jul 2025 17:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Voltronicpower
Voltronicpower viewpower |
|
CPEs | cpe:2.3:a:voltronicpower:viewpower:1.04.21353:*:*:*:-:*:*:* | |
Vendors & Products |
Voltronicpower
Voltronicpower viewpower |

Status: PUBLISHED
Assigner: zdi
Published: 2024-05-03T02:15:14.835Z
Updated: 2024-08-02T22:40:33.769Z
Reserved: 2023-12-20T20:38:20.868Z
Link: CVE-2023-51583

Updated: 2024-08-02T22:40:33.769Z

Status : Analyzed
Published: 2024-05-03T03:16:18.200
Modified: 2025-07-09T16:59:17.133
Link: CVE-2023-51583

No data.