Browse all 4 CVE security advisories affecting Riello UPS. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Riello UPS designs uninterruptible power supply systems for critical infrastructure protection. Historically, their products have faced vulnerabilities including remote code execution, cross-site scripting, and privilege escalation, with four CVEs currently documented. Security researchers have identified issues in web interfaces and communication protocols that could allow unauthorized access or system compromise. While no major public incidents have been widely reported, the presence of multiple CVEs indicates potential attack surfaces that require regular patching and network segmentation. Their integration into enterprise environments makes them attractive targets for lateral movement attacks, emphasizing the need for robust security configurations and monitoring.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2022-47893 | NetMan 204 Remote Code Execution — Netman-204CWE-434 | 10.0 | Critical | 2023-10-03 |
| CVE-2022-47892 | Information disclosure in NetMan 204 — Netman-204CWE-200 | 5.3 | Medium | 2023-10-03 |
| CVE-2022-47891 | Admin password reset in NetMan 204 — Netman-204CWE-798 | 8.1 | High | 2023-10-03 |
| CVE-2022-3372 | Cross-Site Request Forgery (CSRF) in Riello UPS Netman-204 — Netman-204CWE-352 | 8.8 | High | 2023-06-21 |
This page lists every published CVE security advisory associated with Riello UPS. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.