Apcupsd

apcupsd

4 CVEs • 2 products

Products (2)

Click to collapse

Toggle

CVEs (4)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2019-12585 2Apcupsd Netgate 2Apcupsd Pfsense Nov 21, 2024 Jun 3, 2019 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Apcupsd 0.3.91_5, as used in pfSense through 2.4.4-RELEASE-p3 and other products, has an Arbitrary Command Execution issue in apcupsd_status.php.
CVE-2019-12584 2Apcupsd Netgate 2Apcupsd Pfsense Nov 21, 2024 Jun 3, 2019 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 Apcupsd 0.3.91_5, as used in pfSense through 2.4.4-RELEASE-p3 and other products, has an XSS issue in apcupsd_status.php.
CVE-2017-7884 1Apcupsd 1Apc Ups Daemon May 13, 2026 Jun 16, 2017 N/A· v4 8.4 HIGH· v3 7.2 HIGH· v2 In Adam Kropelin adk0212 APC UPS Daemon through 3.14.14, the default installation of APCUPSD allows a local authenticated, but unprivileged, user to run arbitrary code with elevated privileges by replacing the service ex...Show more In Adam Kropelin adk0212 APC UPS Daemon through 3.14.14, the default installation of APCUPSD allows a local authenticated, but unprivileged, user to run arbitrary code with elevated privileges by replacing the service executable apcupsd.exe with a malicious executable that will run with SYSTEM privileges at startup. This occurs because of "RW NT AUTHORITY\Authenticated Users" permissions for %SYSTEMDRIVE%\apcupsd\bin\apcupsd.exe.Show less
CVE-2003-0098 2Apcupsd Debian 2Apcupsd Debian Linux Apr 16, 2026 Mar 3, 2003 N/A· v4 N/A· v3 10.0 HIGH· v2 Unknown vulnerability in apcupsd before 3.8.6, and 3.10.x before 3.10.5, allows remote attackers to gain root privileges, possibly via format strings in a request to a slave server.