15 matches found
Schneider Electric APC Easy UPS Online deletePdfReportFile Directory Traversal Denial-of-Service Vulnerability
This vulnerability allows local attackers to create a denial-of-service condition on affected installations of Schneider Electric APC Easy UPS Online. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific...
Schneider Electric APC Easy UPS Online updatePassword Authentication Bypass Vulnerability
This vulnerability allows remote attackers to bypass authentication on affected installations of Schneider Electric APC Easy UPS Online. Authentication is not required to exploit this vulnerability. The specific flaw exists within the updatePassword function. The issue results from the lack of...
Schneider Electric APC Easy UPS Online SNMPDBManager Use of Hard-Coded Credentials Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Schneider Electric APC Easy UPS Online. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists with...
Schneider Electric Easy UPS Online Monitoring Software 操作系统命令注入漏洞
Schneider Electric Easy UPS Online Monitoring Software is a power monitoring software from the French company Schneider Electric. The Schneider Electric Easy UPS Online Monitoring Software suffers from an operating system command injection vulnerability that stems from a mishandled case-sensitive...
Schneider Electric APC Easy UPS Online SocketService Missing Authentication Denial-of-Service Vulnerability
This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Schneider Electric APC Easy UPS Online. Authentication is not required to exploit this vulnerability. The specific flaw exists within the SocketService module, which listens on UDP port...
PT-2023-2418 · Schneider +1 · Schneider Ups Monitor Service +1
Name of the Vulnerable Software and Affected Versions: Schneider UPS Monitor service affected versions not specified APC Easy UPS Online Monitoring Software affected versions not specified Description: A Missing Authentication for Critical Function issue exists, which could cause Denial-of-Servic...
CVE-2022-42972
A CWE-732: Incorrect Permission Assignment for Critical Resource vulnerability exists that could cause local privilege escalation when a local attacker modifies the webroot directory. Affected Products: APC Easy UPS Online Monitoring Software Windows 7, 10, 11 & Windows Server 2016, 2019, 2022 -...
CVE-2022-42973
A CWE-798: Use of Hard-coded Credentials vulnerability exists that could cause local privilege escalation when local attacker connects to the database. Affected Products: APC Easy UPS Online Monitoring Software Windows 7, 10, 11 & Windows Server 2016, 2019, 2022 - Versions prior to V2.5-GA, APC...
CVE-2022-42973
Schneider Electric APC Easy UPS Online Monitoring Software (and APC Easy UPS Online Monitoring Software) versions prior to V2.5-GA, V2.5-GA-01-22261, V2.5-GS, or GS-01-22261 are affected by CVE-2022-42973 (CWE-798): use of hard-coded credentials in the database, enabling local privilege escalatio...
Schneider Electric Easy UPS Online Monitoring Software 代码问题漏洞
Schneider Electric Easy UPS Online Monitoring Software is a power monitoring software from Schneider Electric, a French company. A code issue exists in Schneider Electric Easy UPS Online Monitoring Software that stems from an Unlimited Uploads of Dangerous Types of Files vulnerability that could...
Schneider Electric APC Easy UPS Online
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Schneider Electric Equipment: APC Easy UPS Online Vulnerabilities: Missing Authentication for Critical Function, Unrestricted Upload of File with Dangerous Type, Incorrect Permission Assignment for...
PT-2022-6392 · Schneider Electric · Apc Easy Ups Online Monitoring +1
Name of the Vulnerable Software and Affected Versions: APC Easy UPS Online Monitoring Software versions prior to V2.5-GA APC Easy UPS Online Monitoring Software versions prior to V2.5-GA-01-22261 Schneider Electric Easy UPS Online Monitoring Software versions prior to V2.5-GS Schneider Electric...
PT-2022-5821 · Schneider Electric · Apc Easy Ups Online Monitoring +1
Name of the Vulnerable Software and Affected Versions: APC Easy UPS Online Monitoring Software versions prior to V2.5-GA APC Easy UPS Online Monitoring Software versions prior to V2.5-GA-01-22261 Schneider Electric Easy UPS Online Monitoring Software versions prior to V2.5-GS Schneider Electric...
Schneider Electric APC Easy UPS Online FileUploadServlet processRequest Directory Traversal Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Schneider Electric APC Easy UPS Online. Authentication is not required to exploit this vulnerability. The specific flaw exists within the FileUploadServlet class. When parsing the filename parameter,...
Schneider Electric APC Easy UPS Online SoundUploadServlet processRequest Directory Traversal Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Schneider Electric APC Easy UPS Online. Authentication is not required to exploit this vulnerability. The specific flaw exists within the SoundUploadServlet class. When parsing the filename parameter...