Voltronic Power ViewPower UpsScheduler Exposed Dangerous Method Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Voltronic Power ViewPower. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the UpsScheduler class. The issue results from an exposed dangerous method. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-22036.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://www.zerodayinitiative.com/advisories/ZDI-23-1888/ |
History
No history.
MITRE
Status: PUBLISHED
Assigner: zdi
Published: 2024-05-03T02:15:14.835Z
Updated: 2024-08-02T22:40:33.769Z
Reserved: 2023-12-20T20:38:20.868Z
Link: CVE-2023-51583
Vulnrichment
Updated: 2024-08-02T22:40:33.769Z
NVD
Status : Awaiting Analysis
Published: 2024-05-03T03:16:18.200
Modified: 2024-11-21T08:38:25.843
Link: CVE-2023-51583
Redhat
No data.