Apcupsd : Security Vulnerabilities CVSS score >= 2

CVE-2019-12585

Apcupsd 0.3.91_5, as used in pfSense through 2.4.4-RELEASE-p3 and other products, has an Arbitrary Command Execution issue in apcupsd_status.php.
Max Base Score
9.8
Published
2019-06-03
Updated
2020-08-24
EPSS
0.40%

CVE-2019-12584

Apcupsd 0.3.91_5, as used in pfSense through 2.4.4-RELEASE-p3 and other products, has an XSS issue in apcupsd_status.php.
Max Base Score
6.1
Published
2019-06-03
Updated
2019-06-04
EPSS
0.12%

CVE-2017-7884

In Adam Kropelin adk0212 APC UPS Daemon through 3.14.14, the default installation of APCUPSD allows a local authenticated, but unprivileged, user to run arbitrary code with elevated privileges by replacing the service executable apcupsd.exe with a malicious executable that will run with SYSTEM privileges at startup. This occurs because of "RW NT AUTHORITY\Authenticated Users" permissions for %SYSTEMDRIVE%\apcupsd\bin\apcupsd.exe.
Max Base Score
8.4
Published
2017-06-16
Updated
2019-10-03
EPSS
0.10%

CVE-2003-0098

Unknown vulnerability in apcupsd before 3.8.6, and 3.10.x before 3.10.5, allows remote attackers to gain root privileges, possibly via format strings in a request to a slave server.
Max Base Score
10.0
Published
2003-03-03
Updated
2018-09-26
EPSS
0.95%
4 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close