258 matches found
Stalkerware-type app developers fined by NY Attorney General
Stalkerware is a huge problem when it comes to intrusion into peoples personal lives. "Friends", strangers, family members, abusive spouses and many more can potentially dabble in this malignant pastime and cause all manner of trouble for their target. Thanks to the New York Attorney Generals...
CVE-2022-42970
A CWE-306: Missing Authentication for Critical Function The software does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources. Affected Products: APC Easy UPS Online Monitoring Software Windows 7, 10, 11 & Windows...
CVE-2022-42971
A CWE-434: Unrestricted Upload of File with Dangerous Type vulnerability exists that could cause remote code execution when the attacker uploads a malicious JSP file. Affected Products: APC Easy UPS Online Monitoring Software Windows 7, 10, 11 & Windows Server 2016, 2019, 2022 - Versions prior to...
CVE-2022-42971
A CWE-434: Unrestricted Upload of File with Dangerous Type vulnerability exists that could cause remote code execution when the attacker uploads a malicious JSP file. Affected Products: APC Easy UPS Online Monitoring Software Windows 7, 10, 11 & Windows Server 2016, 2019, 2022 - Versions prior to...
Hardcoded credentials
A CWE-798: Use of Hard-coded Credentials vulnerability exists that could cause local privilege escalation when local attacker connects to the database. Affected Products: APC Easy UPS Online Monitoring Software Windows 7, 10, 11 & Windows Server 2016, 2019, 2022 - Versions prior to V2.5-GA, APC...
CVE-2022-42970
Schneider Electric APC Easy UPS Online Monitoring Software (Schneider Electric/APC Easy UPS Online Monitoring Software) versions prior to V2.5-GA (Windows 7/10/11 and Windows Server 2016/2019/2022) and prior to V2.5-GA-01-22261 (Windows 11/Server 2019/2022) are affected by CVE-2022-42970 due to m...
CVE-2022-42971
The CVE-2022-42971 issue is a real, concrete vulnerability in Schneider Electric APC Easy UPS Online Monitoring Software (and related Schneider Electric variants) where UpLoadAction.execute allows Unrestricted Upload of File with Dangerous Type. An unauthenticated attacker can upload a malicious ...
CVE-2022-42972
Schneider Electric APC Easy UPS Online Monitoring Software and Schneider Electric Easy UPS Online Monitoring Software (Safe to say the affected products are APC Easy UPS Online Monitoring Software and Schneider Electric Easy UPS Online Monitoring Software) are impacted by CVE-2022-42972, which is...
CVE-2022-42973
Schneider Electric APC Easy UPS Online Monitoring Software (and APC Easy UPS Online Monitoring Software) versions prior to V2.5-GA, V2.5-GA-01-22261, V2.5-GS, or GS-01-22261 are affected by CVE-2022-42973 (CWE-798): use of hard-coded credentials in the database, enabling local privilege escalatio...
Schneider Electric Easy UPS Online Monitoring Software 安全漏洞
Schneider Electric Easy UPS Online Monitoring Software is a power monitoring software from Schneider Electric, a French company. A security vulnerability exists in Schneider Electric Easy UPS Online Monitoring Software, which stems from a Critical Resource Privilege Assignment Incorrect...
CVE-2022-42972
A CWE-732: Incorrect Permission Assignment for Critical Resource vulnerability exists that could cause local privilege escalation when a local attacker modifies the webroot directory. Affected Products: APC Easy UPS Online Monitoring Software Windows 7, 10, 11 & Windows Server 2016, 2019, 2022 -...
CVE-2022-42973
A CWE-798: Use of Hard-coded Credentials vulnerability exists that could cause local privilege escalation when local attacker connects to the database. Affected Products: APC Easy UPS Online Monitoring Software Windows 7, 10, 11 & Windows Server 2016, 2019, 2022 - Versions prior to V2.5-GA, APC...
U.S. Federal Agencies Fall Victim to Cyber Attack Utilizing Legitimate RMM Software
At least two federal agencies in the U.S. fell victim to a "widespread cyber campaign" that involved the use of legitimate remote monitoring and management RMM software to perpetuate a phishing scam. "Specifically, cyber criminal actors sent phishing emails that led to the download of legitimate...
Schneider Electric APC Easy UPS Online Monitoring Software Detection
Binary data schneiderelectricupsmonitoringsoftwaredetect.nbin...
Fuji Electric Tellus Lite V-Simulator 安全漏洞
Fuji Electric Tellus Lite V-Simulator is a remote monitoring software for industrial environments developed by FujiElectric Japan, which is mainly used to collect real-time data from PLCs Programmable Logic Controllers, temperature controllers, inverters, and other devices. Fuji Electric Tellus...
The vulnerability of the APC Easy UPS Online Monitoring Software lies in the lack of authentication for a critical function, allowing attackers to gain access to the software.
The vulnerability of the APC Easy UPS Online Monitoring Software relates to the absence of authentication for a critical function. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain access to the software...
PT-2022-5907 · Schneider Electric · Apc Easy Ups Online Monitoring +1
Name of the Vulnerable Software and Affected Versions: APC Easy UPS Online Monitoring Software versions prior to V2.5-GA APC Easy UPS Online Monitoring Software versions prior to V2.5-GA-01-22261 Schneider Electric Easy UPS Online Monitoring Software versions prior to V2.5-GS Schneider Electric...
Advantech R-SeeNet Stack Buffer Overflow Vulnerability
Advantech R-SeeNet is an industrial monitoring software from Advantech China. The software is based on the snmp protocol for monitoring platforms and is available for Linux and Windows platforms.Advantech R-SeeNet 2.4.17 and previous versions are vulnerable to a stack buffer overflow vulnerabilit...
The vulnerability of the monitoring software for the status and functions of Advantech R-SeeNet routers lies in buffer overflow in the stack, allowing a hacker to execute arbitrary code.
The vulnerability of the monitoring software for the functions and states of Advantech R-SeeNet routers is related to buffer overflow in the stack. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...
High-School Graduation Prank Hack
This is a fun story, detailing the hack a group of high school students perpetrated against an Illinois school district, hacking 500 screens across a bunch of schools. During the process, the group broke into the school’s IT systems; repurposed software used to monitor students’ computers;...