Voltronic Power ViewPower updateManagerPassword Exposed Dangerous Method Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of Voltronic Power ViewPower. Authentication is not required to exploit this vulnerability. The specific flaw exists within the updateManagerPassword method. The issue results from the exposure of a dangerous function. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-22010.
The vulnerability concerns the updateManagerPassword method, which is available without authentication and exposes the use of a dangerous function (CWE-749 — Exposed Dangerous Method or Function). An attacker can invoke this method remotely over the network without needing to provide login credentials. This allows manipulation of the system manager password and thus complete bypass of the access control mechanism.
An attacker can gain full control over the power management system through unauthorized manager password change, resulting in loss of confidentiality, integrity, and availability of the protected installation.
Apply patches available from the manufacturer according to the references. Additionally, it is recommended to restrict network access to the ViewPower interface exclusively to trusted hosts and to monitor unauthorized access attempts to the updateManagerPassword method.
Voltronic Power ViewPower — versions indicated in the manufacturer's references (details in the ZDI-23-1880 advisory)
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HVoltronicpower Viewpower
APPVoltronicpower1.04.21353
Related vulnerabilities
Voltronic Power ViewPower — RCE przez odsłoniętą niebezpieczną metodę klasy MacMonitorConsole
Voltronic Power ViewPower — RCE przez wystawioną niebezpieczną metodę LinuxMonitorConsole
RCE przez deserializację w Voltronic Power ViewPower (port TCP 51099)
Voltronic Power ViewPower — RCE przez niechronioną metodę w klasie MonitorConsole
RCE w Voltronic Power ViewPower — odsłonięta niebezpieczna metoda UpsScheduler