CVE-2026-2405

MEDIUM WAF: Medium

CVSS 6.5 Published: 2026-04-14

CWE-400

CWE-400 Uncontrolled Resource Consumption vulnerability exists that could cause excessive troubleshooting zip file creation and denial of service when a Web Admin user floods the system with POST /helpabout requests.

WAF Coverage Analysis

Uncontrolled Resource Consumption Medium WAF Coverage

OWASP: A05:2021 Security Misconfiguration

912xxx - DOS Protection

Affected Software

Vendor	Product	Version
schneider-electric	powerchute_serial_shutdown	up to 1.5

References

download.schneider-electric.com (Vendor Advisory)

Back to CVE Database