CVE-2022-31491

Name of the Vulnerable Software and Affected Versions: Voltronic Power ViewPower versions through 1.04-24215 Voltronic Power ViewPower Pro versions through 2.0-22165 PowerShield Netguard versions prior to 1.04-23292

Description: The software allows a remote attacker to run arbitrary code via an unspecified web interface related to detection of a managed UPS shutting down. An unauthenticated attacker can execute arbitrary code regardless of the managed UPS state or presence. This could potentially lead to power sabotage.

Recommendations: Voltronic Power ViewPower versions through 1.04-24215: Update to a version later than 1.04-24215. Voltronic Power ViewPower Pro versions through 2.0-22165: Update to a version later than 2.0-22165. PowerShield Netguard versions prior to 1.04-23292: Update to version 1.04-23292 or later.