Description

Voltronic Power SNMP Web Pro version 1.1 contains a pre-authentication path traversal vulnerability in the upload.cgi endpoint that allows unauthenticated attackers to read arbitrary files on the device filesystem by supplying directory traversal sequences in the params parameter. Attackers can exploit this vulnerability to disclose sensitive files such as password hashes, which can be cracked offline to obtain root-level access and enable full system compromise.

PUBLISHED Reserved 2026-01-06 | Published 2026-03-13 | Updated 2026-04-23 | Assigner VulnCheck




HIGH: 8.7 | CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

HIGH: 7.5 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Problem types

CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Product status

Default status: unknown

Version 1.1: affected

Credits

Jean-Marie Bourbon of Bourbon Offensive Security Services (finder)

VulnCheck (coordinator)

References

www.boffsec-services.com/posts/sicuroweb-cve-2026-22191/ (exploit)

github.com/...192-22199_Voltronic-Power_Preauth_root_RCE.txt (exploit)

github.com/...192-22199_Voltronic-Power_Preauth_root_RCE.txt (technical-description)

www.boffsec-services.com/posts/sicuroweb-cve-2026-22191/ (technical-description)

voltronicpower.com/ (product)

www.vulncheck.com/...p-web-pro-path-traversal-via-upload-cgi (third-party-advisory)

cve.org (CVE-2026-22199)

nvd.nist.gov (CVE-2026-22199)
