ready2disclose

2 exploits Active since Aug 2025
CVE-2022-31491 NOMISEC CRITICAL WRITEUP
Voltronic Power ViewPower <1.04-24215, ViewPower Pro <2.0-22165, Po...
Voltronic Power ViewPower through 1.04-24215, ViewPower Pro through 2.0-22165, and PowerShield Netguard before 1.04-23292 allows a remote attacker to run arbitrary code via an unspecified web interface related to detection of a managed UPS shutting down. An unauthenticated attacker can use this to run arbitrary code immediately regardless of any managed UPS state or presence.
CVSS 10.0
CVE-2022-43110 NOMISEC CRITICAL WRITEUP
Voltronic Power ViewPower <1.04-21353 & PowerShield Netguard <1.04-...
Voltronic Power ViewPower through 1.04-21353 and PowerShield Netguard before 1.04-23292 allows a remote attacker to configure the system via an unspecified web interface. An unauthenticated remote attacker can make changes to the system including: changing the web interface admin password, view/change system configuration, enumerate connected UPS devices and shut down connected UPS devices. This extends to being able to configure operating system commands that should run if the system detects a connected UPS shutting down.
CVSS 9.8