Description
NetMan 204 fails to enforce authentication on its administrative pages and command endpoints. A remote, unauthenticated attacker can directly request administrative pages (such as administration.html, administration-commands.html, and configuration.html) to disclose sensitive information including LDAP configuration and active user details, and can invoke privileged UPS control commands — including shutdown, reboot, switch-on-bypass, and battery test — without supplying any credentials.
Published: 2026-06-05
Score: 9.3 Critical
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

NetMan 204 fails to enforce authentication on its administrative pages and command endpoints. A remote, unauthenticated attacker can directly request administrative pages such as administration.html, administration-commands.html, and configuration.html to disclose sensitive information including LDAP configuration and active user details, and can invoke privileged UPS control commands — including shutdown, reboot, switch-on-bypass, and battery test — without supplying any credentials. The root weakness is the absence of authentication controls (CWE-306).

Affected Systems

The vulnerability affects Riello UPS NetMan 204 firmware devices. All firmware versions of NetMan 204 are potentially impacted, as the firmware lacked authentication on administrative pages and command endpoints.

Risk and Exploitability

The CVSS score of 9.3 indicates a high severity vulnerability that could provide an attacker with full administrative control over the UPS device. EPSS is not available, so the likelihood of exploitation remains unknown. An attacker can send simple HTTP requests to the NetMan 204 administration interface, access pages such as administration.html and configuration.html, retrieve LDAP configuration and active user details, and issue privileged UPS commands without authentication. An exploit-db entry demonstrates that this flaw can be leveraged in practice. The vulnerability is not listed in the CISA KEV catalog.

Generated by OpenCVE AI on June 5, 2026 at 19:50 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the latest NetMan 204 firmware update from Riello that restores authentication on administrative endpoints (see https://www.riello-ups.com/downloads/25-netman-204).
  • Restrict network access to the NetMan 204 administration interface by placing the device behind a firewall or VLAN so only trusted management hosts can reach it.
  • Configure the device to use secure communication (HTTPS) for administrative access and enforce strong authentication whenever possible; if the firmware update is delayed, temporarily disable remote access to administrative pages until the patch is applied.
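A defender-side check that follows from the network-restriction advice above, added here as an example and not part of the OpenCVE page or of Riello's software: it scans HTTP access-log lines (assumed to come from a reverse proxy or network sensor in front of the device, in combined-log format) for requests to the advisory's administrative pages and command endpoint from hosts outside an assumed trusted management subnet (10.0.50.0/24). The sample log lines are constructed.

```python
import ipaddress
import re

# Pages and the command endpoint named in the advisory; the affected firmware
# serves them without a login, so a request from outside the management
# network deserves an alert.
INFO_PAGES = {"/administration.html", "/configuration.html"}
COMMAND_PAGE = "/administration-commands.html"
# Hosts allowed to reach the management interface (assumed site policy).
TRUSTED_MGMT = [ipaddress.ip_network("10.0.50.0/24")]
# Combined-log-style line from an assumed reverse proxy or sensor in front
# of the device: client, timestamp, request line, status.
LOG_RE = re.compile(
    r'^(?P<client>\S+) \S+ \S+ \[[^\]]+\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3})'
)

def is_trusted(client: str) -> bool:
    try:
        addr = ipaddress.ip_address(client)
    except ValueError:
        return False
    return any(addr in net for net in TRUSTED_MGMT)

def audit(lines):
    # Returns (client, path, severity) for each sensitive request from an untrusted client.
    findings = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # not an access-log line
        path = m["path"].split("?", 1)[0]  # drop any query string
        if path == COMMAND_PAGE:
            severity = "high"    # UPS control commands reachable here
        elif path in INFO_PAGES:
            severity = "medium"  # LDAP configuration / user details disclosed
        else:
            continue
        if not is_trusted(m["client"]):
            findings.append((m["client"], path, severity))
    return findings

# Constructed sample log lines, not captured from a real device.
SAMPLE_LOG = [
    '10.0.50.7 - - [05/Jun/2026:19:50:01 +0000] "GET /administration.html HTTP/1.1" 200 4120 "-" "Mozilla/5.0"',
    '203.0.113.9 - - [05/Jun/2026:19:50:03 +0000] "GET /configuration.html HTTP/1.1" 200 3881 "-" "curl/8.5"',
    '203.0.113.9 - - [05/Jun/2026:19:50:05 +0000] "GET /administration-commands.html HTTP/1.1" 200 512 "-" "curl/8.5"',
    '198.51.100.4 - - [05/Jun/2026:19:50:07 +0000] "GET /index.html HTTP/1.1" 200 1200 "-" "Mozilla/5.0"',
]
```

Running `audit(SAMPLE_LOG)` flags the two requests from 203.0.113.9 and ignores the trusted host and the non-administrative page.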

Advisories

No advisories yet.

History

Fri, 05 Jun 2026 18:15:00 +0000

Type | Values Removed | Values Added
Description | - | NetMan 204 fails to enforce authentication on its administrative pages and command endpoints. A remote, unauthenticated attacker can directly request administrative pages (such as administration.html, administration-commands.html, and configuration.html) to disclose sensitive information including LDAP configuration and active user details, and can invoke privileged UPS control commands — including shutdown, reboot, switch-on-bypass, and battery test — without supplying any credentials.
Title | - | NetMan 204 Missing Authentication for Administrative Functions
First Time appeared | - | Riello-ups; Riello-ups netman 204; Riello-ups netman 204 Firmware
Weaknesses | - | CWE-306
CPEs | - | cpe:2.3:h:riello-ups:netman_204:-:*:*:*:*:*:*:*; cpe:2.3:o:riello-ups:netman_204_firmware:-:*:*:*:*:*:*:*
Vendors & Products | - | Riello-ups; Riello-ups netman 204; Riello-ups netman 204 Firmware
References | - | -
Metrics | - | cvssV3_1 {'score': 9.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}; cvssV4_0 {'score': 9.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N'}


MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-06-05T17:49:51.355Z

Reserved: 2026-06-05T16:56:46.183Z

Link: CVE-2025-71318

Vulnrichment

No data.

NVD

Status: Deferred

Published: 2026-06-05T18:16:54.910

Modified: 2026-06-05T19:02:13.790

Link: CVE-2025-71318

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-05T20:00:04Z

Weaknesses