- Researcher @kmkz_security just dropped two OT-facing zero-day chains with public PoCs after four months of vendor silence.
- One is a 10-year-old AngularJS sandbox escape shipped in 2026 emergency-lighting gear (CVSS 9.3); the other is a pre-auth path traversal + hardcoded root password on Voltronic UPS cards (CVSS 10.0) that hands attackers a direct pivot into OT infrastructure.
TL;DR
On April 22, 2026, researcher @kmkz_security publicly dropped two zero-day chains targeting operational-technology gear, coordinated through VulnCheck after roughly four months of vendor silence:
- CVE-2026-22191 — Beghelli SicuroWeb (Sicuro24 emergency-lighting console): AngularJS template injection → sandbox escape → arbitrary JS, no user interaction. CVSS 9.3.
- CVE-2026-22192 through CVE-2026-22199 — Voltronic Power SNMP Web Pro v1.1: pre-authentication root RCE chain. CVSS 10.0. Direct pivot into OT/ICS infrastructure.
Public proof-of-concepts are on GitHub. No patches available at disclosure.
What's new
The SicuroWeb bug is a textbook reminder that ancient frontend libraries in embedded/OT UIs never die. SicuroWeb ships with AngularJS 1.5.2 — a release from 2016 — and still renders untrusted values inside template contexts. Any attacker with a MITM position on the LAN can inject expressions into the management UI and run arbitrary JavaScript in the session of whoever logs in, with no click required.
The Voltronic chain is more severe. The SNMP Web Pro card — a management board found inside UPS units sold under Voltronic Power and several OEM/white-label brands — has three cascading failures: authentication enforced in the browser's localStorage, an unauthenticated path-traversal on upload.cgi, and a hardcoded root password. String them together and you get remote root on the UPS card with zero credentials.
Technical facts
SicuroWeb (CVE-2026-22191)
- Vector: `AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L`
- Shipped with AngularJS 1.5.2; untrusted values rendered inside templates (CWE-79, CWE-1336)
- Sandbox escape primitive: `{{constructor.constructor('arbitrary_js')()}}` — the classic String→Function constructor traversal that the 1.5.x sandbox never blocked (CWE-94, CWE-1104)
- No Content Security Policy (CWE-693), no HSTS — plaintext HTTP allows MITM response rewriting
- PoC is a `mitmproxy` script that injects `<div ng-init>` before `</body>` on HTML responses, with a fallback that appends the payload to `.js` bundles
- Persistence via `localStorage`: the C2 URL is saved on first hit, then a bootstrapper re-pulls the payload on every page load — no further MITM needed
Voltronic SNMP Web Pro (CVE-2026-22192–22199)
- Vector: `AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H`
- Affected: SNMP Web Pro v1.1 and prior (embedded web UI + CGI backend)
- Bug 1 — client-side auth via browser `localStorage`: trivially bypassed (CWE-306, CWE-284)
- Bug 2 — pre-auth path traversal on `upload.cgi`: `upload.cgi?name=download&params=../../../../../../../etc/shadow` dumps arbitrary files, including password hashes
- Bug 3 — hash cracked offline reveals hardcoded `root / 12345678`
- Final step: SSH as root → busybox shell on the UPS management card
Comparison
Most AngularJS SSTI writeups stop at reflected XSS. CVE-2026-22191 weaponizes a well-documented 2016-era sandbox escape that James Kettle and the PortSwigger research team flagged a decade ago — and ships it inside a 2026 OT product. The bug isn't novel; the supply chain that allowed a legacy framework into critical-infrastructure UIs is the real story.
The Voltronic chain looks a lot like the class of issues CISA advisory ICSA-25-182-05 flagged earlier in the Voltronic/PowerShield ecosystem, but hits a different product and does so without any memory-corruption primitive — it's pure logic and configuration, which makes exploitation reliable and version-agnostic.
Use cases / who's affected
- Facilities running Beghelli Sicuro24/SicuroWeb emergency-lighting consoles — common across European commercial real estate, hospitals, retail chains, and industrial sites.
- Data centers and industrial environments using Voltronic-family UPS cards. Voltronic Power is a major OEM; their SNMP cards are white-labeled under multiple brands, so the actual install base is far larger than the name suggests.
- Attack value: the UPS management card typically sits on the same management VLAN as HVAC/BMS and hypervisor management — an ideal pivot into wider OT and IT infrastructure, exactly what the researcher flagged when they said "direct pivot into infra."
Limitations & pricing
Neither chain is a pure "internet-facing click-and-root" bug. The SicuroWeb exploit needs a MITM position on the LAN (trivial on a flat OT network but not at Shodan scale). The Voltronic chain is AV:A — adjacent network — so it needs reachability to the UPS card, which in well-segmented environments should be limited. In reality, many UPS cards are accidentally exposed on corporate networks and, occasionally, on the public internet.
As of disclosure, no patches are available from Beghelli or Voltronic Power. Both vendors failed to respond to responsible-disclosure contacts over roughly four months. The advisories and PoCs are free and public.
What's next
Expect a CISA ICS-CERT advisory to pick this up in the coming days, IR teams to start scanning for Voltronic SNMP Web cards on corporate networks, and vendor patches to land once external pressure materializes. In the meantime, defenders should:
- Segment the OT VLAN; deny the UPS management card any outbound internet reachability.
- Rotate UPS management credentials and replace any Voltronic SNMP Web Pro card still on v1.1 firmware.
- Enforce HTTPS + HSTS in front of SicuroWeb; block plaintext HTTP on the management network.
- Reverse-proxy the SicuroWeb UI with a restrictive Content Security Policy, and strip `upload.cgi` traversal at the proxy layer for Voltronic.
- Hunt for `ng-init` strings appearing in logged HTML responses and for `/etc/shadow` reads via `upload.cgi` in ICS traffic.
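As an added example (not the researcher's PoC or either vendor's code), the Python below turns the hunt guidance in the last bullet into detection logic run over constructed access-log lines and a constructed HTML body: it flags `upload.cgi?name=download` requests whose `params` value resolves outside an assumed export directory (catching single- and double-URL-encoded `../`), and AngularJS `ng-init` / `{{constructor...}}` markers. The log layout, `ALLOWED_BASE` and every sample value are assumptions, not the products' real formats.

```python
import re
import posixpath
from urllib.parse import urlsplit, parse_qs, unquote

# Constructed sample data (not captured from real devices): access-log lines and an HTML body.
SAMPLE_LOGS = [
    "10.0.20.5 GET /upload.cgi?name=download&params=../../../../../../../etc/shadow 200",
    "10.0.20.5 GET /upload.cgi?name=download&params=..%252f..%252f..%252fetc%252fpasswd 200",
    "10.0.20.9 GET /upload.cgi?name=download&params=report.csv 200",
    "10.0.30.7 GET /index.html?q=%7B%7Bconstructor.constructor('arbitrary_js')()%7D%7D 200",
    "10.0.30.7 GET /static/app.js 200",
]
SAMPLE_RESPONSE = '<html><body><h1>Sicuro24</h1><div ng-init="x=1"></div></body></html>'
ALLOWED_BASE = "/var/www/download"  # hypothetical directory upload.cgi is meant to serve from

# AngularJS-chain markers: the injected <div ng-init> and the {{constructor.constructor}} escape shape.
ANGULAR_PATTERNS = {
    "ng-init-marker": re.compile(r"<\w+[^>]*\sng-init\b", re.I),
    "angular-sandbox-escape": re.compile(r"\{\{[^}]*constructor[^}]*\}\}", re.I),
}

def escapes_base(params_value, base=ALLOWED_BASE):
    """True if an upload.cgi 'params' value resolves outside `base`.
    Decodes twice so single- and double-URL-encoded '../' are both caught."""
    decoded = unquote(unquote(params_value)).replace("\\", "/")
    resolved = posixpath.normpath(posixpath.join(base, decoded))
    return not (resolved == base or resolved.startswith(base + "/"))

def angular_hits(text):
    """Return [(tag, matched_text), ...] for AngularJS injection markers in `text`."""
    decoded = unquote(unquote(text))
    return [(tag, m.group(0)) for tag, pat in ANGULAR_PATTERNS.items()
            for m in [pat.search(decoded)] if m]

def scan_line(line):
    """Return [(tag, detail), ...] findings for one '<client> <method> <url> <status>' line."""
    fields = line.split()
    url = fields[2] if len(fields) == 4 else ""
    parts = urlsplit(url)
    qs = parse_qs(parts.query, keep_blank_values=True)
    is_download = parts.path.endswith("/upload.cgi") and qs.get("name", [""])[0] == "download"
    traversal = [("upload-cgi-traversal", unquote(unquote(v)))
                 for v in (qs.get("params", []) if is_download else []) if escapes_base(v)]
    return traversal + angular_hits(url)

def scan_logs(lines):
    """Return [(line_number, tag, detail), ...] for every hit across `lines`."""
    return [(n, tag, detail) for n, line in enumerate(lines, 1)
            for tag, detail in scan_line(line)]
```

Run `scan_logs(SAMPLE_LOGS)` for the request side and `angular_hits(body)` over logged HTML responses; the base-directory check is what keeps `report.csv` and `sub/../report.csv` from firing while absolute paths and encoded traversals do.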
Credits: disclosure by @kmkz_security, coordinated with thanks to @catc0n and @VulnCheckAI. Full write-up on Boffsec; PoCs on GitHub.