Vulnerabilidades em CyberPower
20 resultadosCVE-2024-32735CRITICALCyberPower PowerPanel Enterprise Missing AuthenticationEPSS 6.8%CVE-2024-32736HIGHCyberPower PowerPanel Enterprise SQL InjectionEPSS 5.4%CVE-2024-32737HIGHCyberPower PowerPanel Enterprise SQL InjectionEPSS 5.4%CVE-2024-32739HIGHCyberPower PowerPanel Enterprise SQL InjectionEPSS 5.4%CVE-2024-32738HIGHCyberPower PowerPanel Enterprise SQL InjectionEPSS 4.5%CVE-2023-3267CRITICALWhen adding a remote backup location, an authenticated user can pass arbitrary OS commands through the username field. The username is passeEPSS 1.7%CVE-2023-3265CRITICALAn authentication bypass exists on CyberPower PowerPanel Enterprise by failing to sanitize meta-characters from the username, allowing an atEPSS 1.5%CVE-2023-25132CRITICALUnrestricted upload of file with dangerous type vulnerability in CyberPower PowerPanel BusinessEPSS 1.1%CVE-2023-25133CRITICALImproper privilege management vulnerability in CyberPower PowerPanel BusinessEPSS 1.0%CVE-2023-25131CRITICALUse of default password vulnerability in CyberPower PowerPanel BusinessEPSS 1.0%CVE-2023-3266CRITICALA non-feature complete authentication mechanism exists in the production application allowing an attacker to bypass all authentication checkEPSS 0.8%CVE-2024-33615HIGHCyberPower PowerPanel business Relative Path TraversalEPSS 0.7%CVE-2024-34025CRITICALCyberPower PowerPanel business Use of Hard-coded PasswordEPSS 0.6%CVE-2024-31856HIGHCyberPower PowerPanel business SQL InjectionEPSS 0.5%CVE-2024-33625CRITICALCyberPower PowerPanel business Use of Hard-coded PasswordEPSS 0.5%CVE-2024-32047CRITICALCyberPower PowerPanel business Active Debug CodeEPSS 0.5%CVE-2024-32053CRITICALCyberPower PowerPanel business Use of Hard-coded CredentialsEPSS 0.5%CVE-2024-32042MEDIUMCyberPower PowerPanel business Storing Passwords in a Recoverable FormatEPSS 0.4%CVE-2024-31409MEDIUMCyberPower PowerPanel business Incorrect AuthorizationEPSS 0.4%CVE-2024-31410HIGHCyberPower PowerPanel business Use of Hard-coded Cryptographic KeyEPSS 0.2%