CVE-2023-28343 Information

Description

OS command injection affects Altenergy Power Control Software C1.2.5 via shell metacharacters in the index.php/management/set_timezone timezone parameter because of set_timezone in models/management_model.php.

Reference

https://github.com/ahmedalroky/Disclosures/blob/main/apesystems/os_command_injection.md https://apsystems.com