CVE-2026-22192

CRITICAL

9.9CVSS v3

—CVSS v2

0.06% EPSS (exploit probability)

CWE-306CWE

Description

Voltronic Power SNMP Web Pro version 1.1 contains an authentication bypass vulnerability that allows unauthenticated attackers to access privileged management functions by manipulating browser localStorage values. Attackers can modify client-side authentication state to bypass server-side access controls and gain unauthorized access to protected management functionality without valid credentials.

CVSS v3 vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:L

Affected routers (0)

No routers currently mapped to this CVE in our database.

External references

NIST NVD
MITRE CVE