Vulnerabilities > Apsystems > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-03-14 | CVE-2023-28343 | OS Command Injection vulnerability in Apsystems Energy Communication Unit Firmware C1.2.5 OS command injection affects Altenergy Power Control Software C1.2.5 via shell metacharacters in the index.php/management/set_timezone timezone parameter, because of set_timezone in models/management_model.php. | 9.8 |
| 2023-02-10 | CVE-2022-45699 | OS Command Injection vulnerability in Apsystems Ecu-R Firmware 5203 Command injection in the administration interface in APSystems ECU-R version 5203 allows a remote unauthenticated attacker to execute arbitrary commands as root using the timezone parameter. | 9.8 |