APC » Powerchute : Security Vulnerabilities, CVEs, CVSS score >= 7
Improper Input Validation vulnerability exists in PowerChute Business Edition (software V9.0.x and earlier) which could cause remote code execution when a script is executed during a shutdown event.
Max CVSS
8.8
EPSS Score
0.24%
Published
2020-08-31
Updated
2020-09-04
The HTTP service in American Power Conversion (APC) PowerChute uses a default username and password, which allows remote attackers to gain system access.
Max CVSS
9.0
EPSS Score
0.18%
Published
2000-12-31
Updated
2008-09-05
2 vulnerabilities found