A CWE-306: Missing Authentication for Critical Function vulnerability exists that could allow
changes to administrative credentials, leading to potential remote code execution without
requiring prior authentication on the Java RMI interface.
CPE | Name | Operator | Version |
---|---|---|---|
apc_easy_ups_online_monitoring_software | eq | <= 2.5ga122320 | |
easy_ups_online_monitoring_software | eq | <= 2.5gs122320 |