CISA has published an advisory on a path traversal vulnerability in Schneider Electric APC Easy UPS On-Line. SFAPV9601 v2.0 and earlier are affected. Successful exploitation of the vulnerability could lead to remote code execution. Schneider Electric recommends users of versions below v2.1 to update to the latest version as soon as possible. CISA also recommends a series of measures to mitigate the vulnerability. Read the advisory at CISA.