There was vulnerability in the Apache Log4J2 file but it did not affect ViewPower software, however we have still updated the software to fix it. Users can use the below link to download the new version. This only applies to users using the ViewPower software via USB. None of the SNMP cards were affected.
https://www.xpcc.com/installviewpowerhtmlwindows/
If you wish to keep the current version you are on, please follow the instructions below to update the files with the newest versions that are not vulnerable.
ViewPower uses Apache Log 4J2 version 2.12.1, but the way it uses will not trigger the bug. However, download the two files “log4j-api-2.16.0.jar” and “log4j-core-2.16.0.jar” and replace “log4j-api-2.12.1.jar” and “log4j-core-2.12.1.jar” files in the folder ViewPower\tomcat\webapps\ViewPower\WEB-INF\lib with the two new files.
The files are on the link below.
https://d470d9.p3cdn1.secureserver.net/wp-content/uploads/Log4J2.zip