Voltronicpower: >> Snmp Web Pro Security Vulnerabilities
Cross Site Scripting (XSS) in Voltronic Power SNMP Web Pro v.1.1 allows an attacker to execute arbitrary code via a crafted script within a request to the webserver.
CVSS Score
6.1
EPSS Score
0.001
Published
2023-12-12
An issue in SNMP Web Pro v.1.1 allows a remote attacker to execute arbitrary code and obtain senstive information via a crafted request.
CVSS Score
9.8
EPSS Score
0.017
Published
2023-09-12
The authentication mechanism in PowerShield SNMP Web Pro 1.1 contains a vulnerability that allows unauthenticated users to directly access Common Gateway Interface (CGI) scripts without proper identification or authorization. This vulnerability arises from a lack of proper cookie verification and affects all instances of SNMP Web Pro 1.1 without HTTP Digest authentication enabled, regardless of the password used for the web interface.
CVSS Score
9.8
EPSS Score
0.003
Published
2023-07-12