Altenergy Power Control Software C1.2.5 - Remote Command Injection

Altenergy Power Control Software C1.2.5 is susceptible to remote command injection via shell metacharacters in the index.php/management/settimezone parameter, because of settimezone in models/managementmodel.php. An attacker can potentially obtain sensitive information, modify data, and/or execut...

CVE-2025-28343

striso-control-firmware 54c9722 is vulnerable to Buffer Overflow in function ThreadReadButtons...

CVE-2025-28343

CVE-2025-28343 affects striso-control-firmware 54c9722. The issue is a buffer overflow in the function ThreadReadButtons. CVSSv3.1 base score 7.5 (HIGH): attack vector NETWORK, attack complexity LOW, privileges required NONE, user interaction NONE, with confidentiality and integrity not impacted ...

CVE-2025-28343

striso-control-firmware 54c9722 is vulnerable to Buffer Overflow in function ThreadReadButtons...

CVE-2025-28343

striso-control-firmware 54c9722 is vulnerable to Buffer Overflow in function ThreadReadButtons...

Linux Distros Unpatched Vulnerability : CVE-2026-28343

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - CKEditor 5 is a modern JavaScript rich-text editor with an MVC architecture. Starting in version 29.0.0 and prior to version 47.6.0, a cross-site scripting XSS...

CVE-2026-28343

CKEditor 5 is a modern JavaScript rich-text editor with an MVC architecture. Starting in version 29.0.0 and prior to version 47.6.0, a cross-site scripting XSS vulnerability has been discovered in the General HTML Support feature. This vulnerability could be triggered by inserting specially craft...

4game-support-ckeditor5-custom-build (>=0.0.1 <=0.0.5), 87-midnight-ckeditor5 (>=0.0.3 <=0.0.5) +664 more potentially affected by CVE-2026-28343 via @ckeditor/ckeditor5-html-support (>=29.2.0 <=47.6.0-alpha.9)

@ckeditor/ckeditor5-html-support NPM version =29.2.0, =0.0.1, =0.0.3, =0.0.1, =0.0.1, =42.0.1, =2.0.0, =0.7.0, =0.0.6, =1.0.1, =0.0.1, =0.0.1, =1.0.0, =36.0.0, =0.0.2, =1.1.0, =3.1.1 and more Source cves: CVE-2026-28343 Source advisory: OSV:GHSA-JRQM-VMQC-GM93...

@_sh/strapi-plugin-ckeditor (>=7.0.0 <=7.1.0), @ckeditor/ckeditor5-adapter-ckfinder (>=47.0.0 <=47.6.0-alpha.9) +94 more potentially affected by CVE-2026-28343 via @ckeditor/ckeditor5-engine (>=47.0.0-alpha.0 <=47.6.0-alpha.9)

@ckeditor/ckeditor5-engine NPM version =47.0.0-alpha.0, =7.0.0, =47.0.0, =47.0.0, =47.0.0, =47.0.0, =47.0.0, =47.0.0, =47.0.0, =47.0.0, =47.0.0, =47.0.0, =47.0.0, =47.0.0, =47.0.0, =47.0.0, =47.6.0-alpha.9 and more Source cves: CVE-2026-28343 Source advisory: SNYK:JS-CKEDITORCKEDITOR5ENGINE-15426...

4game-support-ckeditor5-custom-build (>=0.0.1 <=0.0.5), 87-midnight-ckeditor5 (>=0.0.3 <=0.0.5) +1485 more potentially affected by CVE-2026-28343 via ckeditor5 (>=29.2.0 <=47.6.0-alpha.9)

ckeditor5 NPM version =29.2.0, =0.0.1, =0.0.3, =0.0.1, =0.0.1, =29.2.0, =2.0.0, =30.0.0, =0.7.0, =1.0.0, =0.0.3, =0.0.6, =1.3.0, =1.0.1, =1.0.23 and more Source cves: CVE-2026-28343 Source advisory: OSV:GHSA-JRQM-VMQC-GM93...

APSystems Altenergy Power Control

1. EXECUTIVE SUMMARY ​CVSS v3 9.8 ​ATTENTION: Exploitable remotely / low attack complexity / public exploits available ​Vendor: APSystems ​Equipment: Altenergy Power Control ​Vulnerability: OS Command Injection 2. RISK EVALUATION ​Successful exploitation of this vulnerability may allow remote...

Altenergy Power Control Software C1.2.5 Command Injection

Exploit Title: Altenergy Power Control Software C1.2.5 - OS command injection Google Dork: intitle:"Altenergy Power Control Software" Date: 15/3/2023 Exploit Author: Ahmed Alroky Vendor Homepage: https://apsystems.com/ Version: C1.2.5 Tested on: Windows 10 CVE : CVE-2023-28343 import requests...

Altenergy Power Control Software C1.2.5 - OS command injection

Exploit Title: Altenergy Power Control Software C1.2.5 - OS command injection Google Dork: intitle:"Altenergy Power Control Software" Date: 15/3/2023 Exploit Author: Ahmed Alroky Vendor Homepage: https://apsystems.com/ Version: C1.2.5 Tested on: Windows 10 CVE : CVE-2023-28343 import requests...

Altenergy Power Control Software C1.2.5 - OS command injection

Exploit Title: Altenergy Power Control Software C1.2.5 - OS command injection Google Dork: intitle:"Altenergy Power Control Software" Exploit Author: Ahmed Alroky Vendor Homepage: https://apsystems.com/ Version: C1.2.5 Tested on: Windows 10 CVE : CVE-2023-28343 import requests import argparse def...

Exploit for OS Command Injection in Apsystems Energy_Communication_Unit_Firmware

CVE-2023-28343 CVE-2023-28343 POC exploit Usage shell us...

CVE-2023-28343

OS command injection affects Altenergy Power Control Software C1.2.5 via shell metacharacters in the index.php/management/settimezone timezone parameter, because of settimezone in models/managementmodel.php...

CVE-2023-28343

OS command injection affects Altenergy Power Control Software C1.2.5 via shell metacharacters in the index.php/management/settimezone timezone parameter, because of settimezone in models/managementmodel.php...

CVE-2023-28343

Altenergy Power Control Software C1.2.5 is affected by CVE-2023-28343: an OS command injection via shell metacharacters in the index.php/management/set_timezone parameter, caused by set_timezone in models/management_model.php. This allows remote command execution with the affected product version...

CVE-2023-28343

OS command injection affects Altenergy Power Control Software C1.2.5 via shell metacharacters in the index.php/management/settimezone timezone parameter, because of settimezone in models/managementmodel.php...

CVE-2021-28343

Remote Procedure Call Runtime Remote Code Execution Vulnerability...