CVE-2020-7521

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability exists in SFAPV9601 - APC Easy UPS On-Line Software V2.0 and earlier when accessing a vulnerable method of FileUploadServlet which may lead to uploading executable files to non-specified directories...

EUVD-2020-28646

Malware in sbrugna...

EUVD-2020-28647

Malware in sbrugna...

EUVD-2022-46022

Malicious code in bioql PyPI...

EUVD-2022-46021

Malicious code in bioql PyPI...

EUVD-2022-46023

Malicious code in bioql PyPI...

CVE-2020-7522

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability exists in SFAPV9601 - APC Easy UPS On-Line Software V2.0 and earlier when accessing a vulnerable method of SoundUploadServlet which may lead to uploading executable files to non-specified directories...

Schneider Electric APC Easy UPS Online deletePdfReportFile Directory Traversal Denial-of-Service Vulnerability

This vulnerability allows local attackers to create a denial-of-service condition on affected installations of Schneider Electric APC Easy UPS Online. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific...

Schneider Electric Easy UPS Online Monitoring Software Path Traversal Vulnerability

Schneider Electric Easy UPS Online Monitoring Software is a power monitoring software from Schneider Electric France. A path traversal vulnerability exists in Schneider Electric Easy UPS Online Monitoring Software. An attacker could exploit this vulnerability to cause arbitrary file deletion upon...

Schneider Electric Easy UPS Online Monitoring Software

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION : Vendor : Schneider Electric Equipment : Easy UPS Online Monitoring Software Vulnerability : Path Traversal 2. RISK EVALUATION Successful exploitation of this vulnerability could allow elevation of privileges which could result in arbitrary...

PT-2023-7821 · Schneider Electric · Apc Easy Ups Online Monitoring

Name of the Vulnerable Software and Affected Versions: APC Easy UPS Online Monitoring Software affected versions not specified Description: The issue is related to improper limitation of a pathname to a restricted directory, also known as a 'Path Traversal' vulnerability. This could allow an...

Schneider Electric APC Easy UPS Online Monitoring Software Unauthenticated RMI Calls (CVE-2023-28411)

Binary data schneiderelectricupsmonitoringsoftwareunauthrmi.nbin...

Schneider Electric APC Easy UPS Online SNMPDBManager Use of Hard-Coded Credentials Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Schneider Electric APC Easy UPS Online. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists with...

Schneider Electric APC Easy UPS Online updatePassword Authentication Bypass Vulnerability

This vulnerability allows remote attackers to bypass authentication on affected installations of Schneider Electric APC Easy UPS Online. Authentication is not required to exploit this vulnerability. The specific flaw exists within the updatePassword function. The issue results from the lack of...

Vulnerabilities fixed in APC Easy UPS Online. Monitoring

APC has fixed vulnerabilities in Easy UPS Online Monitoring. A malicious party could exploit the vulnerabilities to cause a denial-of-service, or to execute arbitrary code execute with the victim's privileges. Because the online monitoring software is used by administrators, it is likely that cod...

CISA Releases Four Industrial Control Systems Advisories

CISA released four Industrial Control Systems ICS advisories on April 18, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisories for...

Schneider Electric APC Easy UPS Online Monitoring Software (Update A)

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/Low attack complexity/Public exploits available Vendor: Schneider Electric Equipment: APC Easy UPS Online Monitoring Software Vulnerability: OS Command Injection, Missing Authentication for Critical Function 2. RISK...

Schneider Electric Easy UPS Online Monitoring Software 访问控制错误漏洞

Schneider Electric Easy UPS Online Monitoring Software is a power monitoring software from Schneider Electric France. The Schneider Electric Easy UPS Online Monitoring Software suffers from an access control error vulnerability that stems from an authentication vulnerability that lacks critical...

Schneider Electric Easy UPS Online Monitoring Software 操作系统命令注入漏洞

Schneider Electric Easy UPS Online Monitoring Software is a power monitoring software from the French company Schneider Electric. The Schneider Electric Easy UPS Online Monitoring Software suffers from an operating system command injection vulnerability that stems from a mishandled case-sensitive...

PT-2023-2418 · Schneider +1 · Schneider Ups Monitor Service +1

Name of the Vulnerable Software and Affected Versions: Schneider UPS Monitor service affected versions not specified APC Easy UPS Online Monitoring Software affected versions not specified Description: A Missing Authentication for Critical Function issue exists, which could cause Denial-of-Servic...