Filtered by vendor Voltronicpower
Subscribe
Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-49563 | 1 Voltronicpower | 1 Snmp Web Pro | 2024-02-28 | N/A | 6.1 MEDIUM |
| Cross Site Scripting (XSS) in Voltronic Power SNMP Web Pro v.1.1 allows an attacker to execute arbitrary code via a crafted script within a request to the webserver. | |||||
| CVE-2023-39073 | 1 Voltronicpower | 1 Snmp Web Pro | 2024-02-28 | N/A | 9.8 CRITICAL |
| An issue in SNMP Web Pro v.1.1 allows a remote attacker to execute arbitrary code and obtain senstive information via a crafted request. | |||||
| CVE-2023-33274 | 1 Voltronicpower | 1 Snmp Web Pro | 2024-02-28 | N/A | 9.8 CRITICAL |
| The authentication mechanism in PowerShield SNMP Web Pro 1.1 contains a vulnerability that allows unauthenticated users to directly access Common Gateway Interface (CGI) scripts without proper identification or authorization. This vulnerability arises from a lack of proper cookie verification and affects all instances of SNMP Web Pro 1.1 without HTTP Digest authentication enabled, regardless of the password used for the web interface. | |||||