PT-2023-8158 · Voltronic Power · Voltronic Power Viewpower

Esj4Y

Publicado

2023-12-20

Atualizado

2025-07-07

CVE-2023-51573

CVSS v2.0

Crítica

Vetor

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Voltronic Power ViewPower Pro (affected versions not specified)

Description This issue allows remote attackers to bypass authentication on affected installations of Voltronic Power ViewPower Pro. The specific flaw exists within the updateManagerPassword function, resulting from the exposure of a dangerous function. An attacker can leverage this vulnerability to bypass authentication on the system.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Improper Authentication

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-749CWE-592CWE-287

Identificadores relacionados

BDU:2024-00142

CVE-2023-51573

ZDI-23-1879

Produtos afetados

Voltronic Power Viewpower

PT-2023-8158 · Voltronic Power · Voltronic Power Viewpower

CVE-2023-51573

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 11