VYPR

SNMP Web Pro

by Voltronic Power

CVEs (4)

  • CVE-2026-22192CriMar 13, 2026
    risk 0.64cvss 9.9epss 0.00

    Voltronic Power SNMP Web Pro version 1.1 contains an authentication bypass vulnerability that allows unauthenticated attackers to access privileged management functions by manipulating browser localStorage values. Attackers can modify client-side authentication state to bypass…

  • CVE-2026-22199HigMar 13, 2026
    risk 0.49cvss 7.5epss 0.01

    Voltronic Power SNMP Web Pro version 1.1 contains a pre-authentication path traversal vulnerability in the upload.cgi endpoint that allows unauthenticated attackers to read arbitrary files on the device filesystem by supplying directory traversal sequences in the params…

  • CVE-2023-49563MedDec 12, 2023
    risk 0.40cvss 6.1epss 0.01

    Cross Site Scripting (XSS) in Voltronic Power SNMP Web Pro v.1.1 allows an attacker to execute arbitrary code via a crafted script within a request to the webserver.

  • CVE-2025-65287Dec 9, 2025
    risk 0.00cvss epss 0.01

    An unauthenticated directory traversal vulnerability in cgi-bin/upload.cgi in SNMP Web Pro 1.1 allows a remote attacker to read arbitrary files. The CGI concatenates the user-supplied params directly onto the base path (/var/www/files/userScript/) using memcpy + strcat without…