Upsmon Pro Security Vulnerabilities and Issues — Upsmon Pro CVE List

Lucene search

UpspowercomUpsmon Pro

2 matches found

CVE•added 2022/11/10 3:15 p.m.•40 views

CVE-2022-38120

UPSMON PRO’s has a path traversal vulnerability. A remote attacker with general user privilege can exploit this vulnerability to bypass authentication and access arbitrary system files.

6.5CVSS6.7AI score0.30965EPSS

CVE•added 2022/11/10 3:15 p.m.•35 views

CVE-2022-38121

UPSMON PRO configuration file stores user password in plaintext under public user directory. A remote attacker with general user privilege can access all users‘ and administrators' account names and passwords via this unprotected configuration file.

6.5CVSS6.6AI score0.4186EPSS