Browse all 5 CVE security advisories affecting Riello. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Riello specializes in uninterruptible power supply (UPS) systems and power management solutions for critical infrastructure. Historically, their products have been affected by remote code execution, cross-site scripting, and privilege escalation vulnerabilities, often stemming from improper input validation and authentication flaws. Notable security characteristics include exposed network services and default credentials in some models. While no major public incidents have been widely documented, the five CVEs on record highlight ongoing security concerns in IoT and industrial control systems, particularly around web interfaces and communication protocols that require regular patching and hardening to prevent unauthorized access.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-68916 | Riello UPS NetMan 208 Security Vulnerability — NetMan (CWE-25) | 9.1 | Critical | 2025-12-24 |
| CVE-2025-68915 | Riello UPS NetMan 208 Cross-Site Scripting Vulnerability — NetMan (CWE-79) | 5.5 | Medium | 2025-12-24 |
| CVE-2025-68914 | Riello UPS NetMan 208 SQL Injection Vulnerability — NetMan (CWE-89) | 6.5 | Medium | 2025-12-24 |
| CVE-2024-8877 | SQL Injection — Netman 204 (CWE-89) | 9.8 (AI) | Critical (AI) | 2024-09-24 |
| CVE-2024-8878 | Unauthenticated Password Reset — Netman 204 (CWE-640) | 9.8 (AI) | Critical (AI) | 2024-09-24 |

This page lists every published CVE security advisory associated with Riello. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.