Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Apcupsd Subscribe
Total 4 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-12585 2 Apcupsd, Netgate 2 Apcupsd, Pfsense 2020-08-24 7.5 HIGH 9.8 CRITICAL
Apcupsd 0.3.91_5, as used in pfSense through 2.4.4-RELEASE-p3 and other products, has an Arbitrary Command Execution issue in apcupsd_status.php.
CVE-2017-7884 1 Apcupsd 1 Apc Ups Daemon 2019-10-02 7.2 HIGH 8.4 HIGH
In Adam Kropelin adk0212 APC UPS Daemon through 3.14.14, the default installation of APCUPSD allows a local authenticated, but unprivileged, user to run arbitrary code with elevated privileges by replacing the service executable apcupsd.exe with a malicious executable that will run with SYSTEM privileges at startup. This occurs because of "RW NT AUTHORITY\Authenticated Users" permissions for %SYSTEMDRIVE%\apcupsd\bin\apcupsd.exe.
CVE-2019-12584 2 Apcupsd, Netgate 2 Apcupsd, Pfsense 2019-06-04 4.3 MEDIUM 6.1 MEDIUM
Apcupsd 0.3.91_5, as used in pfSense through 2.4.4-RELEASE-p3 and other products, has an XSS issue in apcupsd_status.php.
CVE-2003-0098 2 Apcupsd, Debian 2 Apcupsd, Debian Linux 2018-09-26 10.0 HIGH N/A
Unknown vulnerability in apcupsd before 3.8.6, and 3.10.x before 3.10.5, allows remote attackers to gain root privileges, possibly via format strings in a request to a slave server.