Apcupsd : Security Vulnerabilities, CVEs, CVSS score >= 2
Apcupsd 0.3.91_5, as used in pfSense through 2.4.4-RELEASE-p3 and other products, has an Arbitrary Command Execution issue in apcupsd_status.php.
Max CVSS
9.8
EPSS Score
0.40%
Published
2019-06-03
Updated
2020-08-24
Apcupsd 0.3.91_5, as used in pfSense through 2.4.4-RELEASE-p3 and other products, has an XSS issue in apcupsd_status.php.
Max CVSS
6.1
EPSS Score
0.12%
Published
2019-06-03
Updated
2019-06-04
In Adam Kropelin adk0212 APC UPS Daemon through 3.14.14, the default installation of APCUPSD allows a local authenticated, but unprivileged, user to run arbitrary code with elevated privileges by replacing the service executable apcupsd.exe with a malicious executable that will run with SYSTEM privileges at startup. This occurs because of "RW NT AUTHORITY\Authenticated Users" permissions for %SYSTEMDRIVE%\apcupsd\bin\apcupsd.exe.
Max CVSS
8.4
EPSS Score
0.10%
Published
2017-06-16
Updated
2019-10-03
Unknown vulnerability in apcupsd before 3.8.6, and 3.10.x before 3.10.5, allows remote attackers to gain root privileges, possibly via format strings in a request to a slave server.
Max CVSS
10.0
EPSS Score
0.95%
Published
2003-03-03
Updated
2018-09-26
4 vulnerabilities found