cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2023-29411,https://securityvulnerability.io/vulnerability/CVE-2023-29411,Missing Authentication Vulnerability in Java RMI Interface by Schneider Electric,"A vulnerability exists in Schneider Electric's Java RMI interface, where missing authentication may allow unauthorized changes to administrative credentials. This flaw could potentially enable remote code execution, posing a significant risk as no prior authentication is required for exploitation.",Schneider Electric,"Apc Easy Ups Online Monitoring Software (windows 10, 11 Windows Server 2016, 2019, 2022),Schneider Electric Easy Ups Online Monitoring Software (windows 10, 11 Windows Server 2016, 2019, 2022)",9.8,CRITICAL,0.0021800000686198473,false,,false,false,false,,,false,false,,2023-04-18T21:15:00.000Z,0
CVE-2023-29412,https://securityvulnerability.io/vulnerability/CVE-2023-29412,OS Command Injection Vulnerability in Schneider Electric’s Java RMI Interface,"An OS Command Injection vulnerability exists in the Java RMI interface of affected Schneider Electric products. This flaw could allow an attacker to manipulate internal methods, leading to potential remote code execution. Proper neutralization of special elements is essential to prevent abuse of this vulnerability, which may expose systems to unauthorized control and actions.",Schneider Electric,"Apc Easy Ups Online Monitoring Software (windows 10, 11 Windows Server 2016, 2019, 2022),Schneider Electric Easy Ups Online Monitoring Software (windows 10, 11 Windows Server 2016, 2019, 2022)",9.8,CRITICAL,0.0015399999683722854,false,,false,false,false,,,false,false,,2023-04-18T21:15:00.000Z,0
CVE-2023-29413,https://securityvulnerability.io/vulnerability/CVE-2023-29413,Missing Authentication Vulnerability in Schneider UPS Monitor Service,"The Schneider UPS Monitor service is affected by a missing authentication vulnerability that allows unauthenticated users to access critical functions. This can lead to a potential Denial-of-Service (DoS) condition, where vital operations of the UPS Monitor could be interrupted or rendered inaccessible. It is essential for users to update their systems and implement proper authentication protocols to mitigate these risks and protect their infrastructure from unauthorized access.",Schneider Electric,"Apc Easy Ups Online Monitoring Software (windows 10, 11 Windows Server 2016, 2019, 2022),Schneider Electric Easy Ups Online Monitoring Software (windows 10, 11 Windows Server 2016, 2019, 2022)",7.5,HIGH,0.0010300000431016088,false,,false,false,false,,,false,false,,2023-04-18T21:15:00.000Z,0
CVE-2022-42971,https://securityvulnerability.io/vulnerability/CVE-2022-42971,Unrestricted File Upload Vulnerability in APC Easy UPS Online Monitoring Software by Schneider Electric,"The APC Easy UPS Online Monitoring Software is susceptible to an Unrestricted Upload of File with Dangerous Type vulnerability. This weakness allows an attacker to upload a malicious JSP file, which could potentially lead to remote code execution. Users of affected versions should prioritize updating their software to mitigate risks associated with unauthorized file uploads.",Schneider Electric,"Apc Easy Ups Online Monitoring Software,Schneider Electric Easy Ups Online Monitoring Software",9.8,CRITICAL,0.0040799998678267,false,,false,false,false,,,false,false,,2023-02-01T00:00:00.000Z,0
CVE-2022-42973,https://securityvulnerability.io/vulnerability/CVE-2022-42973,Local Privilege Escalation in Schneider Electric's Easy UPS Online Monitoring Software,"A vulnerability exists in Schneider Electric's Easy UPS Online Monitoring Software, which can allow a local attacker to escalate privileges by exploiting hard-coded credentials. This weakness arises when an attacker gains access to the database, risking unauthorized actions that could affect system integrity and reliability. Users are advised to update to the latest versions to mitigate this risk.",Schneider Electric,"Apc Easy Ups Online Monitoring Software,Schneider Electric Easy Ups Online Monitoring Software",7.8,HIGH,0.00044999999227002263,false,,false,false,false,,,false,false,,2023-02-01T00:00:00.000Z,0
CVE-2022-42972,https://securityvulnerability.io/vulnerability/CVE-2022-42972,Local Privilege Escalation in APC Easy UPS Online Monitoring Software by Schneider Electric,"A vulnerability exists in Schneider Electric's Easy UPS Online Monitoring Software that allows a local attacker to perform local privilege escalation. By modifying the webroot directory, an attacker can gain elevated privileges, potentially compromising critical resources on the system. This affects several versions of the software across multiple Windows operating systems, underscoring the importance of maintaining updated software versions to mitigate such risks.",Schneider Electric,"Apc Easy Ups Online Monitoring Software,Schneider Electric Easy Ups Online Monitoring Software",7.8,HIGH,0.00044999999227002263,false,,false,false,false,,,false,false,,2023-02-01T00:00:00.000Z,0
CVE-2022-42970,https://securityvulnerability.io/vulnerability/CVE-2022-42970,Missing Authentication in APC Easy UPS Online Monitoring Software by Schneider Electric,"The Easy UPS Online Monitoring Software by Schneider Electric exhibits a significant security vulnerability due to a lack of required authentication for critical functions. This flaw can potentially allow unauthorized users to access sensitive features or consume substantial system resources, posing a risk to system integrity and reliability. Users of affected versions are encouraged to update their software to mitigate potential security risks.",Schneider Electric,"Apc Easy Ups Online Monitoring Software,Schneider Electric Easy Ups Online Monitoring Software",9.8,CRITICAL,0.003169999923557043,false,,false,false,false,,,false,false,,2023-02-01T00:00:00.000Z,0