CVE-2022-43110

Name of the Vulnerable Software and Affected Versions: Voltronic Power ViewPower versions 1.04-21353 and earlier PowerShield Netguard versions prior to 1.04-23292

Description: A remote attacker can configure the system via a web interface without authentication. This includes changing the web interface admin password, viewing/changing system configuration, enumerating connected UPS devices, and shutting down connected UPS devices. The attacker can also configure operating system commands to run if a connected UPS shuts down.

Recommendations: Voltronic Power ViewPower versions 1.04-21353 and earlier: Update to a newer version. PowerShield Netguard versions prior to 1.04-23292: Update to version 1.04-23292 or later.