CyberSec.Space Logo
CVEブラウザに戻る

CVE-2019-12584

MEDIUM
6.1
CVSS Severity Score
EPSS Score0.1150%
EPSS Percentile13.41th
Published2019年6月3日
Last Modified2024年11月21日

Vulnerability Description

Apcupsd 0.3.91_5, as used in pfSense through 2.4.4-RELEASE-p3 and other products, has an XSS issue in apcupsd_status.php.

Affected Platforms (CPE)

📦
Apcupsd

Apcupsd

= 0.3.91_5
📦
Netgate

Pfsense

< 2.4.4
📦
Netgate

Pfsense

= 2.4.4
📦
Netgate

Pfsense

= 2.4.4
📦
Netgate

Pfsense

= 2.4.4
📦
Netgate

Pfsense

= 2.4.4

References & Advisories

🔗 https://ctrsec.io/index.php/2019/05/28/cve-2019-12584-12585-command-injection-vulnerability-on-pfsense-2-4-4-release-p3/
🔗 https://github.com/pfsense/FreeBSD-ports/commit/b492c0ea47aba8dde2f14183e71498ba207594e3
🔗 https://redmine.pfsense.org/issues/9556
🔗 https://ctrsec.io/index.php/2019/05/28/cve-2019-12584-12585-command-injection-vulnerability-on-pfsense-2-4-4-release-p3/
🔗 https://github.com/pfsense/FreeBSD-ports/commit/b492c0ea47aba8dde2f14183e71498ba207594e3
🔗 https://redmine.pfsense.org/issues/9556

関連する脆弱性情報

CVE-2003-009810.0

Unknown vulnerability in apcupsd before 3.8.6, and 3.10.x before 3.10.5, allows remote attackers to gain root privileges, possibly...

CVE-2019-125859.8

Apcupsd 0.3.91_5, as used in pfSense through 2.4.4-RELEASE-p3 and other products, has an Arbitrary Command Execution issue in apcu...

CVE-2017-78848.4

In Adam Kropelin adk0212 APC UPS Daemon through 3.14.14, the default installation of APCUPSD allows a local authenticated, but unp...

CVE-2003-00997.2

Multiple buffer overflows in apcupsd before 3.8.6, and 3.10.x before 3.10.5, may allow attackers to cause a denial of service or e...