Lucene search
K

10 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 12:6 a.m.8 views

CVE-2009-1797

Multiple cross-site request forgery CSRF vulnerabilities on the Network Management Card NMC on American Power Conversion APC Switched Rack PDU aka Rack Mount Power Distribution devices and other devices allow remote attackers to hijack the authentication of 1 administrator or 2 device users for...

6.8CVSS8.2AI score0.00667EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2023/04/11 12:0 a.m.4 views

The vulnerability of the APC Easy UPS Online Monitoring Software and Easy UPS Online Monitoring Software lies in the lack of authentication for a critical function, allowing attackers to execute arbitrary code.

The vulnerability of the APC Easy UPS Online Monitoring Software and Easy UPS Online Monitoring Software lies in the lack of authentication for a critical function. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

10CVSS8.2AI score0.01315EPSS
Exploits0References2Affected Software2
BDU FSTEC
BDU FSTEC
added 2022/12/14 12:0 a.m.5 views

The vulnerability of the APC Easy UPS Online Monitoring Software lies in the lack of authentication for a critical function, allowing attackers to gain access to the software.

The vulnerability of the APC Easy UPS Online Monitoring Software relates to the absence of authentication for a critical function. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain access to the software...

10CVSS7.8AI score0.00712EPSS
Exploits0References4Affected Software2
CNVD
CNVD
added 2017/06/19 12:0 a.m.5 views

APC UPS Daemon Local Lift Vulnerability

Apcupsd APC UPS Daemon can be used for power management and control of most APC UPS models on Unix and Windows machines. APC UPS Daemon is vulnerable to a local privilege extraction vulnerability. It allows locally authenticated, unprivileged users to run arbitrary code with elevated privileges b...

8.4CVSS7.3AI score0.00436EPSS
Exploits1References1
Cvelist
Cvelist
added 2009/12/28 7:0 p.m.22 views

CVE-2009-1798

Multiple cross-site scripting XSS vulnerabilities on the Network Management Card NMC on American Power Conversion APC Switched Rack PDU aka Rack Mount Power Distribution devices and other devices allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: the...

5.9AI score0.01994EPSS
Exploits0References4
CVE
CVE
added 2007/12/04 6:0 p.m.53 views

CVE-2007-6226

The CVE-2007-6226 entry concerns the APC AP7932 0u 30A Switched Rack PDU. Affected components are the RPDU firmware 3.5.5 and AOS 3.5.6. The root cause is an authentication bypass that allows remote attackers to gain login access by initiating a login while another client is already logged in, th...

7.1CVSS7AI score0.01849EPSS
Exploits0References5Affected Software2
Cvelist
Cvelist
added 2005/12/17 11:0 a.m.17 views

CVE-2005-4326

The web interface for American Power Conversion APC PowerChute Network Shutdown performs all communication in cleartext base64-encoded, which allows remote attackers to sniff authentication credentials...

6.9AI score0.01465EPSS
Exploits0References3
CVE
CVE
added 2005/12/17 11:0 a.m.89 views

CVE-2005-4326

The CVE-2005-4326 entry concerns APC PowerChute Network Shutdown’s web interface, where all communication is performed in cleartext (base64-encoded). This design allows remote attackers to sniff authentication credentials. Public references confirm the issue and the metric suggests a network-base...

5CVSS7.3AI score0.01465EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2004/11/23 5:0 a.m.19 views

CVE-2004-0311

American Power Conversion APC Web/SNMP Management SmartSlot Card 3.0 through 3.0.3 and 3.21 are shipped with a default password of TENmanUFactOryPOWER, which allows remote attackers to gain unauthorized access...

10CVSS7AI score0.0247EPSS
Exploits0References5
CVE
CVE
added 2004/03/18 5:0 a.m.65 views

CVE-2004-0311

CVE-2004-0311 affects APC Web/SNMP Management SmartSlot Card, specifically versions 3.0 through 3.0.3 and 3.21. The issue is a default password vulnerability: the device ships with the password TENmanUFactOryPOWER, allowing remote attackers to gain unauthorized access. Connected documents corrobo...

10CVSS7.8AI score0.0247EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder