Vendor
APSystems
Products
4
CVEs
3
Across products
3
Status
Private
Products
4- 1 CVE
- 1 CVE
- 1 CVE
- 0 CVEs
Recent CVEs
3| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-28343 | Cri | 0.74 | 9.8 | 0.85 | Mar 14, 2023 | OS command injection affects Altenergy Power Control Software C1.2.5 via shell metacharacters in the index.php/management/set_timezone timezone parameter, because of set_timezone in models/management_model.php. | ||
| CVE-2022-45699 | Cri | 0.70 | 9.8 | 0.77 | Feb 10, 2023 | Command injection in the administration interface in APSystems ECU-R version 5203 allows a remote unauthenticated attacker to execute arbitrary commands as root using the timezone parameter. | ||
| CVE-2022-44037 | Hig | 0.57 | 8.8 | 0.01 | Nov 29, 2022 | An access control issue in APsystems ENERGY COMMUNICATION UNIT (ECU-C) Power Control Software V4.1NA, V3.11.4, W2.1NA, V4.1SAA, C1.2.2 allows attackers to access sensitive data and execute specific commands and functions with full admin rights without authenticating allows him… |
- risk 0.74cvss 9.8epss 0.85
OS command injection affects Altenergy Power Control Software C1.2.5 via shell metacharacters in the index.php/management/set_timezone timezone parameter, because of set_timezone in models/management_model.php.
- risk 0.70cvss 9.8epss 0.77
Command injection in the administration interface in APSystems ECU-R version 5203 allows a remote unauthenticated attacker to execute arbitrary commands as root using the timezone parameter.
- risk 0.57cvss 8.8epss 0.01
An access control issue in APsystems ENERGY COMMUNICATION UNIT (ECU-C) Power Control Software V4.1NA, V3.11.4, W2.1NA, V4.1SAA, C1.2.2 allows attackers to access sensitive data and execute specific commands and functions with full admin rights without authenticating allows him…