Skip to main content

Easy Ups Online Monitoring Software

4 CVEs product

Monthly

CVE-2023-6407 HIGH This Week

A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists that could cause arbitrary file deletion upon service restart when accessed by a local. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Path Traversal Easy Ups Online Monitoring Software
NVD
CVSS 3.1
7.1
EPSS
0.2%
CVE-2023-29413 HIGH PATCH This Week

A CWE-306: Missing Authentication for Critical Function vulnerability exists that could cause Denial-of-Service when accessed by an unauthenticated user on the Schneider UPS Monitor service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Schneider Electric Authentication Bypass Apc Easy Ups Online Monitoring Software Easy Ups Online Monitoring Software
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2023-29412 CRITICAL PATCH Act Now

Injection') vulnerability exists that could cause remote code execution when manipulating internal methods through Java RMI interface. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This OS Command Injection vulnerability could allow attackers to execute arbitrary operating system commands on the host.

Java RCE Command Injection Apc Easy Ups Online Monitoring Software Easy Ups Online Monitoring Software
NVD
CVSS 3.1
9.8
EPSS
1.2%
CVE-2023-29411 CRITICAL PATCH Act Now

A CWE-306: Missing Authentication for Critical Function vulnerability exists that could allow changes to administrative credentials, leading to potential remote code execution without requiring prior. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Java RCE Authentication Bypass Apc Easy Ups Online Monitoring Software Easy Ups Online Monitoring Software
NVD
CVSS 3.1
9.8
EPSS
1.3%
EPSS 0% CVSS 7.1
HIGH This Week

A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists that could cause arbitrary file deletion upon service restart when accessed by a local. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Path Traversal Easy Ups Online Monitoring Software
NVD
EPSS 1% CVSS 7.5
HIGH PATCH This Week

A CWE-306: Missing Authentication for Critical Function vulnerability exists that could cause Denial-of-Service when accessed by an unauthenticated user on the Schneider UPS Monitor service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Schneider Electric Authentication Bypass Apc Easy Ups Online Monitoring Software +1
NVD
EPSS 1% CVSS 9.8
CRITICAL PATCH Act Now

Injection') vulnerability exists that could cause remote code execution when manipulating internal methods through Java RMI interface. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This OS Command Injection vulnerability could allow attackers to execute arbitrary operating system commands on the host.

Java RCE Command Injection +2
NVD
EPSS 1% CVSS 9.8
CRITICAL PATCH Act Now

A CWE-306: Missing Authentication for Critical Function vulnerability exists that could allow changes to administrative credentials, leading to potential remote code execution without requiring prior. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Java RCE Authentication Bypass +2
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy