Schneider Electric Easy UPS Online Monitoring Software Access Control Error Vulnerability

Schneider Electric Easy UPS Online Monitoring Software is a power monitoring software from the French company Schneider Electric Schneider Electric. The Schneider Electric Easy UPS Online Monitoring Software suffers from an Access Control Error vulnerability that stems from a lack of authenticati...

CVE-2022-42972

A CWE-732: Incorrect Permission Assignment for Critical Resource vulnerability exists that could cause local privilege escalation when a local attacker modifies the webroot directory. Affected Products: APC Easy UPS Online Monitoring Software Windows 7, 10, 11 & Windows Server 2016, 2019, 2022 -...

CVE-2022-42973

A CWE-798: Use of Hard-coded Credentials vulnerability exists that could cause local privilege escalation when local attacker connects to the database. Affected Products: APC Easy UPS Online Monitoring Software Windows 7, 10, 11 & Windows Server 2016, 2019, 2022 - Versions prior to V2.5-GA, APC...

CVE-2020-7522

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability exists in SFAPV9601 - APC Easy UPS On-Line Software V2.0 and earlier when accessing a vulnerable method of SoundUploadServlet which may lead to uploading executable files to non-specified directories...

WinPower Elevation of Privilege Vulnerability

WinPower is a UPS monitoring software. WinPower suffers from an elevation of privilege vulnerability. An attacker is allowed to exploit the vulnerability to elevate privileges...