InfraPower PPS-02-S Q213V1 suffers from an insecure direct object reference authorization bypass vulnerability.