CVE-2023-3267

2023-08-1405:15:10

CWE-78

[email protected]

web.nvd.nist.gov

cve-2023-3267

remote backup location

authenticated user

os command injection

cyberpower powerpanel enterprise

nvd

9.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

8.8 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

25.9%

JSON

When adding a remote backup location, an authenticated user can pass arbitrary OS commands through the username field. The username is passed without sanitization into CMD running as NT/Authority System. An authenticated attacker can leverage this vulnerability to execute arbitrary code with system-level access to the CyberPower PowerPanel Enterprise server.

Affected configurations

NVD

Node

cyberpowerpowerpanel_serverRange<2.6.9enterprise

CPENameOperatorVersion
cyberpower:powerpanel_servercyberpower powerpanel serverlt2.6.9

CPE	Name	Operator	Version
cyberpower:powerpanel_server	cyberpower powerpanel server	lt	2.6.9

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "PowerPanel Enterprise",
    "vendor": "CyberPower",
    "versions": [
      {
        "status": "affected",
        "version": "v2.6.0"
      }
    ]
  }
]