CRITICAL🇵🇱 Wersja polska

CVE-2022-31491

CVSS 10.0v3.1pub. 2025-08-22upd. 2026-04-15

Voltronic Power ViewPower through 1.04-24215, ViewPower Pro through 2.0-22165, and PowerShield Netguard before 1.04-23292 allows a remote attacker to run arbitrary code via an unspecified web interface related to detection of a managed UPS shutting down. An unauthenticated attacker can use this to run arbitrary code immediately regardless of any managed UPS state or presence.

🤖 AI Analysis
How it works

The vulnerability concerns the mechanism for detecting the shutdown state of a managed UPS power supply in the application's web interface. An attacker can send a crafted request to this interface without any authentication, resulting in arbitrary code execution on the server side. Importantly, the exploit works immediately and regardless of the actual state or presence of a connected UPS — no specific device configuration is required.

Impact

An attacker can gain full control over the system running the software, obtaining confidentiality, integrity, and availability of resources — potentially including the entire infrastructure power management network.

Mitigation & patch

PowerShield Netguard should be updated to version 1.04-23292 or later. For ViewPower and ViewPower Pro products, patches available from the manufacturer should be applied in accordance with references (CISA advisory ICSA-25-182-05). Until updates are applied, it is recommended to restrict access to the application's web interface exclusively to trusted networks or implement firewall / VPN protection.

Who is affected

Voltronic Power ViewPower in versions up to and including 1.04-24215, Voltronic Power ViewPower Pro in versions up to and including 2.0-22165, and PowerShield Netguard in versions before 1.04-23292.

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
Auth Bypass
CWE
References