Lucene search
K

159 matches found

Vulnrichment
Vulnrichment
added 2023/05/11 12:0 a.m.9 views

CVE-2023-31502

Altenergy Power Control Software C1.2.5 was discovered to contain a remote code execution RCE vulnerability via the component /models/managementmodel.php...

7.5AI score0.00698EPSS
Exploits1References1
Packet Storm
Packet Storm
added 2023/04/10 12:0 a.m.235 views

Altenergy Power Control Software C1.2.5 Command Injection

Exploit Title: Altenergy Power Control Software C1.2.5 - OS command injection Google Dork: intitle:"Altenergy Power Control Software" Date: 15/3/2023 Exploit Author: Ahmed Alroky Vendor Homepage: https://apsystems.com/ Version: C1.2.5 Tested on: Windows 10 CVE : CVE-2023-28343 import requests...

9.8CVSS9.4AI score0.85332EPSS
Exploits5
Exploit DB
Exploit DB
added 2023/04/08 12:0 a.m.260 views

Altenergy Power Control Software C1.2.5 - OS command injection

Exploit Title: Altenergy Power Control Software C1.2.5 - OS command injection Google Dork: intitle:"Altenergy Power Control Software" Date: 15/3/2023 Exploit Author: Ahmed Alroky Vendor Homepage: https://apsystems.com/ Version: C1.2.5 Tested on: Windows 10 CVE : CVE-2023-28343 import requests...

9.8CVSS9.8AI score0.85332EPSS
Exploits5
0day.today
0day.today
added 2023/04/07 12:0 a.m.207 views

Altenergy Power Control Software C1.2.5 - OS command injection

Exploit Title: Altenergy Power Control Software C1.2.5 - OS command injection Google Dork: intitle:"Altenergy Power Control Software" Exploit Author: Ahmed Alroky Vendor Homepage: https://apsystems.com/ Version: C1.2.5 Tested on: Windows 10 CVE : CVE-2023-28343 import requests import argparse def...

9.8CVSS9.2AI score0.85332EPSS
Exploits5
Tenable Nessus
Tenable Nessus
added 2023/03/29 12:0 a.m.22 views

ABB 800xA Improper Input Validation (CVE-2021-22277)

Improper Input Validation vulnerability in ABB 800xA, Control Software for AC 800M, Control Builder Safe, Compact Product Suite - Control and I/O, ABB Base Software for SoftControl allows an attacker to cause the denial of service. This plugin only works with Tenable.ot. Please visit...

7.8CVSS7.4AI score0.0091EPSS
Exploits1References2
NVD
NVD
added 2023/03/14 8:15 p.m.25 views

CVE-2023-28343

OS command injection affects Altenergy Power Control Software C1.2.5 via shell metacharacters in the index.php/management/settimezone timezone parameter, because of settimezone in models/managementmodel.php...

9.8CVSS9.9AI score0.85332EPSS
Exploits5References3
Prion
Prion
added 2023/03/14 8:15 p.m.19 views

Command injection

OS command injection affects Altenergy Power Control Software C1.2.5 via shell metacharacters in the index.php/management/settimezone timezone parameter, because of settimezone in models/managementmodel.php...

7.5CVSS9.8AI score0.85332EPSS
Exploits5References3Affected Software1
Vulnrichment
Vulnrichment
added 2023/03/14 12:0 a.m.9 views

CVE-2023-28343

OS command injection affects Altenergy Power Control Software C1.2.5 via shell metacharacters in the index.php/management/settimezone timezone parameter, because of settimezone in models/managementmodel.php...

9.8AI score0.85332EPSS
Exploits5References3
CNNVD
CNNVD
added 2023/03/14 12:0 a.m.4 views

Altenergy Power System Control Software 操作系统命令注入漏洞

Altenergy Power System Control Software is microinverter control software from Altenergy Power System. A security vulnerability exists in AlAltenergy Power System Control Software version C1.2.5, which originates from an operating system command injection vulnerability...

9.8CVSS8.4AI score0.85332EPSS
Exploits5References6
CVE
CVE
added 2023/03/14 12:0 a.m.131 views

CVE-2023-28343

Altenergy Power Control Software C1.2.5 is affected by CVE-2023-28343: an OS command injection via shell metacharacters in the index.php/management/set_timezone parameter, caused by set_timezone in models/management_model.php. This allows remote command execution with the affected product version...

9.8CVSS9.7AI score0.85332EPSS
In wildExploits5References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/03/06 12:0 a.m.5 views

The vulnerability in the web interface of the Unified Remote software, a remote control program for computers, allows a hacker to execute arbitrary code.

The vulnerability of the Unified Remote web interface for remote control software management is related to an incorrect authentication process. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

10CVSS8.2AI score0.66354EPSS
Exploits4References2Affected Software1
NVD
NVD
added 2023/01/26 9:18 p.m.12 views

CVE-2023-0451

Econolite EOS versions prior to 3.2.23 lack a password requirement for gaining “READONLY” access to log files and certain database and configuration files. One such file contains tables with MD5 hashes and usernames for all defined users in the control software, including administrators and...

7.5CVSS7.7AI score0.00825EPSS
Exploits0References1
ICS
ICS
added 2023/01/26 7:0 a.m.32 views

Econolite EOS (Update A)

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Econolite Equipment: EOS Vulnerability: Improper Access Control, Use of Weak Hash 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-23-026-02 Econolite EOS...

9.8CVSS7.9AI score0.00825EPSS
Exploits0References10
Github Security Blog
Github Security Blog
added 2022/12/23 12:30 p.m.25 views

usememos/memos Improper Access Control vulnerability

Improper Access Control in GitHub repository usememos/memos prior to 0.9.0...

8.8CVSS8.4AI score0.00607EPSS
Exploits1References4Affected Software1
CNNVD
CNNVD
added 2022/12/20 12:0 a.m.5 views

ZOHO ManageEngine Device Control Plus 安全漏洞

ZOHO ManageEngine Device Control Plus is a USB device control software from ZOHO USA. It is used to control, block and monitor all removable devices connected to the computer. A security vulnerability exists in ZOHO ManageEngine Device Control Plus version 10.1.2228.15 that originates from the...

7.8CVSS6.7AI score0.01124EPSS
Exploits1References3
CNVD
CNVD
added 2022/11/30 12:0 a.m.32 views

APsystems Access Control Error Vulnerability

APsystems is a microinverter from APsystems, Inc. Combining high efficiency power conversion with a user-friendly monitoring interface, it brings you reliable and smart energy. An access control error vulnerability exists in APsystems ENERGY COMMUNICATION UNIT ECU-C Power Control Software version...

8.8CVSS8.9AI score0.00642EPSS
Exploits1References1
NVD
NVD
added 2022/11/29 4:15 a.m.21 views

CVE-2022-44037

An access control issue in APsystems ENERGY COMMUNICATION UNIT ECU-C Power Control Software V4.1NA, V3.11.4, W2.1NA, V4.1SAA, C1.2.2 allows attackers to access sensitive data and execute specific commands and functions with full admin rights without authenticating allows him to perform multiple...

8.8CVSS0.00642EPSS
Exploits1References1
Prion
Prion
added 2022/11/29 4:15 a.m.20 views

Design/Logic Flaw

An access control issue in APsystems ENERGY COMMUNICATION UNIT ECU-C Power Control Software V4.1NA, V3.11.4, W2.1NA, V4.1SAA, C1.2.2 allows attackers to access sensitive data and execute specific commands and functions with full admin rights without authenticating allows him to perform multiple...

5.8CVSS8.7AI score0.00642EPSS
Exploits1References1Affected Software1
CNNVD
CNNVD
added 2022/11/29 12:0 a.m.3 views

APsystems 安全漏洞

APsystems is a microinverter from APsystems, Inc. Combining high efficiency power conversion with a user-friendly monitoring interface, it brings you reliable and smart energy. An access control error vulnerability exists in APsystems ENERGY COMMUNICATION UNIT ECU-C Power Control Software version...

8.8CVSS7AI score0.00642EPSS
Exploits1References2
Cvelist
Cvelist
added 2022/11/29 12:0 a.m.23 views

CVE-2022-44037

An access control issue in APsystems ENERGY COMMUNICATION UNIT ECU-C Power Control Software V4.1NA, V3.11.4, W2.1NA, V4.1SAA, C1.2.2 allows attackers to access sensitive data and execute specific commands and functions with full admin rights without authenticating allows him to perform multiple...

9AI score0.00642EPSS
Exploits1References1
Rows per page
Query Builder