CVE-2023-29412
published 2023-04-18CVE-2023-29412: CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability exists that could cause remote code execution…
critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command
Injection') vulnerability exists that could cause remote code execution when manipulating
internal methods through Java RMI interface.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| schneider-electric | apc_easy_ups_online_monitoring_software | <= 2.5-ga-01-22320 | — |
| schneider-electric | easy_ups_online_monitoring_software | <= 2.5-gs-01-22320 | — |