Improper Input Validation vulnerability exists in PowerChute Business Edition (software V9.0.x and earlier) which could cause remote code execution when a script is executed during a shutdown event.
Max CVSS
8.8
EPSS Score
0.24%
Published
2020-08-31
Updated
2020-09-04
Cross-site scripting (XSS) vulnerability in Schneider Electric PowerChute Business Edition before 8.5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Max CVSS
4.3
EPSS Score
0.11%
Published
2011-12-07
Updated
2011-12-08
Unknown vulnerability in APC PowerChute Business Edition 6.0 through 7.0.1 allows remote attackers to cause a denial of service via unknown attack vectors.
Max CVSS
5.0
EPSS Score
2.15%
Published
2004-12-31
Updated
2017-07-11
PowerChute plus 5.0.2 creates a "Pwrchute" directory during installation that is shared and world writeable, which could allow remote attackers to modify or create files in that directory.
Max CVSS
5.0
EPSS Score
0.23%
Published
2002-12-31
Updated
2008-09-05
The HTTP service in American Power Conversion (APC) PowerChute uses a default username and password, which allows remote attackers to gain system access.
Max CVSS
9.0
EPSS Score
0.18%
Published
2000-12-31
Updated
2008-09-05
5 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!