EUVD-2009-4373

Malware in sbrugna...

Eaton Rack PDU G4 安全漏洞

The Eaton Rack PDU G4 is a vertical assembly power unit from Eaton Corporation USA. A security vulnerability exists in Eaton Rack PDU G4 version 3.5.0 and earlier, which stems from an insecure server identity checking mechanism for firmware upgrades that could lead to a man-in-the-middle attack...

Eaton Rack PDU G4 安全漏洞

The Eaton Rack PDU G4 is a vertical assembly power unit from Eaton Corporation USA. A security vulnerability exists in Eaton Rack PDU G4 version 3.5.0 and earlier, which stems from privileged access to potentially modify the contents of non-sensitive files via a CLI limited shell...

CVE-2021-22814

CVE-2021-22814 describes a Cross-site Scripting (CWE-79) vulnerability in Schneider Electric NMC embedded devices (NMC2 and NMC3) that can cause arbitrary script execution when a malicious file is read and displayed. Affected products span multiple Schneider Electric lines: 1-phase and 3-phase UP...

Schneider Electric Rack PDU 信息泄露漏洞

Schneider Electric Rack PDUs are APC switched rack power distribution units PDUs from Schneider-electric in France that support advanced, user-customizable power control and active monitoring. An information disclosure vulnerability exists in the Schneider Electric Rack PDU, which can be exploite...

Schneider Electric Rack PDU (Update A)

1. EXECUTIVE SUMMARY --------- Begin Update A Part 1 of 3 --------- CVSS v3 6.5 ATTENTION: Exploitable remotely --------- End Update A Part 1 of 3 --------- Vendor: Schneider Electric Equipment: Rack Power Distribution Unit PDU --------- Begin Update A Part 2 of 3 --------- Vulnerability:...

Emerson Network Power® MPH2™ Rack PDU 弱口令

参考链接: https://community.emerson.com/networkpower/support/avocent/power/mph2/m/mediagallery/3093...

CVE-2009-1798

Multiple cross-site scripting XSS vulnerabilities on the Network Management Card NMC on American Power Conversion APC Switched Rack PDU aka Rack Mount Power Distribution devices and other devices allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: the...

Cross site request forgery (csrf)

Multiple cross-site request forgery CSRF vulnerabilities on the Network Management Card NMC on American Power Conversion APC Switched Rack PDU aka Rack Mount Power Distribution devices and other devices allow remote attackers to hijack the authentication of 1 administrator or 2 device users for...

CVE-2009-1797

Multiple cross-site request forgery CSRF vulnerabilities on the Network Management Card NMC on American Power Conversion APC Switched Rack PDU aka Rack Mount Power Distribution devices and other devices allow remote attackers to hijack the authentication of 1 administrator or 2 device users for...

CVE-2009-1797

Multiple cross-site request forgery CSRF vulnerabilities on the Network Management Card NMC on American Power Conversion APC Switched Rack PDU aka Rack Mount Power Distribution devices and other devices allow remote attackers to hijack the authentication of 1 administrator or 2 device users for...

CVE-2009-1797

The CVE-2009-1797 issue affects the APC Network Management Card (NMC) web interface used in APC UPS/Rack PDU products. It describes cross‑site request forgery (CSRF) vulnerabilities that can allow an attacker to hijack a user’s session and perform actions such as creating new administrative users...

CVE-2009-1798

CVE-2009-1798 refers to multiple cross-site scripting (XSS) vulnerabilities in the APC Network Management Card (NMC) used in APC Switched Rack PDU devices. The issue is that the NMC web interface does not adequately validate user-supplied data, allowing remote attackers to inject arbitrary web sc...

Cross site scripting

Cross-site scripting XSS vulnerability in Forms/login1 in American Power Conversion APC Switched Rack PDU AP7932 B2, running rpdu 3.3.3 or 3.7.0 on AOS 3.3.4, and possibly other versions, allows remote attackers to inject arbitrary web script or HTML via the loginusername parameter...

CVE-2009-4406

Cross-site scripting XSS vulnerability in Forms/login1 in American Power Conversion APC Switched Rack PDU AP7932 B2, running rpdu 3.3.3 or 3.7.0 on AOS 3.3.4, and possibly other versions, allows remote attackers to inject arbitrary web script or HTML via the loginusername parameter...

CVE-2009-4406

Cross-site scripting XSS vulnerability in Forms/login1 in American Power Conversion APC Switched Rack PDU AP7932 B2, running rpdu 3.3.3 or 3.7.0 on AOS 3.3.4, and possibly other versions, allows remote attackers to inject arbitrary web script or HTML via the loginusername parameter...

CVE-2009-4406

CVE-2009-4406 is an XSS in the APC Network Monitoring/Card web interface. The vulnerability affects the NMC login form: Forms/login1?login_username on AP7932 B2 devices (rpdu 3.3.3 or 3.7.0 on AOS 3.3.4 and possibly other versions) allowing remote attackers to inject arbitrary script/HTML. Conseq...

APC Switched Rack PDU XSS Vulnerability

APC Switched Rack PDU XSS Vulnerability By Jamal Pecou jpecou at gmail dot c0m. Product Info Product InfoTested Versions Model = AP7932 Harware Revision = B2 Application Module Name = rpdu Version = v3.3.3Tested First Version = 3.7.0Current APC OS AOS Name = aos Version = v3.3.4 Vulnerability XSS...

APC Switched Rack PDU Cross Site Scripting

APC Switched Rack PDU XSS Vulnerability By Jamal Pecou jpecou at gmail dot c0m. Product Info Product InfoTested Versions Model = AP7932 Harware Revision = B2 Application Module Name = rpdu Version = v3.3.3Tested First Version = 3.7.0Current APC OS AOS Name = aos Version = v3.3.4 Vulnerability XSS...

APC Switched Rack PDU crossite scripting

Crossite scripting in Web administration interface...