Snmp Web Pro

snmp_web_pro

CVEs (3)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2023-49563 1Voltronicpower 1Snmp Web Pro Nov 21, 2024 Dec 12, 2023 N/A· v4 6.1 MEDIUM· v3 N/A· v2 Cross Site Scripting (XSS) in Voltronic Power SNMP Web Pro v.1.1 allows an attacker to execute arbitrary code via a crafted script within a request to the webserver.
CVE-2023-39073 1Voltronicpower 1Snmp Web Pro Nov 21, 2024 Sep 12, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 An issue in SNMP Web Pro v.1.1 allows a remote attacker to execute arbitrary code and obtain senstive information via a crafted request.
CVE-2023-33274 1Voltronicpower 1Snmp Web Pro Nov 21, 2024 Jul 12, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 The authentication mechanism in PowerShield SNMP Web Pro 1.1 contains a vulnerability that allows unauthenticated users to directly access Common Gateway Interface (CGI) scripts without proper identification or authoriza...Show more The authentication mechanism in PowerShield SNMP Web Pro 1.1 contains a vulnerability that allows unauthenticated users to directly access Common Gateway Interface (CGI) scripts without proper identification or authorization. This vulnerability arises from a lack of proper cookie verification and affects all instances of SNMP Web Pro 1.1 without HTTP Digest authentication enabled, regardless of the password used for the web interface.Show less