Schneider Electric Easy UPS Online Monitoring Software 操作系统命令注入漏洞

Schneider Electric Easy UPS Online Monitoring Software is a power monitoring software from the French company Schneider Electric. The Schneider Electric Easy UPS Online Monitoring Software suffers from an operating system command injection vulnerability that stems from a mishandled case-sensitive...

PT-2023-2418 · Schneider +1 · Schneider Ups Monitor Service +1

Name of the Vulnerable Software and Affected Versions: Schneider UPS Monitor service affected versions not specified APC Easy UPS Online Monitoring Software affected versions not specified Description: A Missing Authentication for Critical Function issue exists, which could cause Denial-of-Servic...

CVE-2022-42973

Schneider Electric APC Easy UPS Online Monitoring Software (and APC Easy UPS Online Monitoring Software) versions prior to V2.5-GA, V2.5-GA-01-22261, V2.5-GS, or GS-01-22261 are affected by CVE-2022-42973 (CWE-798): use of hard-coded credentials in the database, enabling local privilege escalatio...

Schneider Electric Easy UPS Online Monitoring Software 安全漏洞

Schneider Electric Easy UPS Online Monitoring Software is a power monitoring software from Schneider Electric, a French company. A security vulnerability exists in Schneider Electric Easy UPS Online Monitoring Software, which stems from a Critical Resource Privilege Assignment Incorrect...

CVE-2022-42972

A CWE-732: Incorrect Permission Assignment for Critical Resource vulnerability exists that could cause local privilege escalation when a local attacker modifies the webroot directory. Affected Products: APC Easy UPS Online Monitoring Software Windows 7, 10, 11 & Windows Server 2016, 2019, 2022 -...

CVE-2022-42972

Schneider Electric APC Easy UPS Online Monitoring Software and Schneider Electric Easy UPS Online Monitoring Software (Safe to say the affected products are APC Easy UPS Online Monitoring Software and Schneider Electric Easy UPS Online Monitoring Software) are impacted by CVE-2022-42972, which is...

CVE-2022-42973

A CWE-798: Use of Hard-coded Credentials vulnerability exists that could cause local privilege escalation when local attacker connects to the database. Affected Products: APC Easy UPS Online Monitoring Software Windows 7, 10, 11 & Windows Server 2016, 2019, 2022 - Versions prior to V2.5-GA, APC...

The vulnerability of the APC Easy UPS Online Monitoring Software lies in the lack of authentication for a critical function, allowing attackers to gain access to the software.

The vulnerability of the APC Easy UPS Online Monitoring Software relates to the absence of authentication for a critical function. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain access to the software...