VYPR
Vendor

APSystems

Products
4
CVEs
3
Across products
3
Status
Private

Products

4

Recent CVEs

3
  • CVE-2023-28343CriMar 14, 2023
    risk 0.74cvss 9.8epss 0.85

    OS command injection affects Altenergy Power Control Software C1.2.5 via shell metacharacters in the index.php/management/set_timezone timezone parameter, because of set_timezone in models/management_model.php.

  • CVE-2022-45699CriFeb 10, 2023
    risk 0.70cvss 9.8epss 0.77

    Command injection in the administration interface in APSystems ECU-R version 5203 allows a remote unauthenticated attacker to execute arbitrary commands as root using the timezone parameter.

  • CVE-2022-44037HigNov 29, 2022
    risk 0.57cvss 8.8epss 0.01

    An access control issue in APsystems ENERGY COMMUNICATION UNIT (ECU-C) Power Control Software V4.1NA, V3.11.4, W2.1NA, V4.1SAA, C1.2.2 allows attackers to access sensitive data and execute specific commands and functions with full admin rights without authenticating allows him…