Lucene search
K

113 matches found

RedhatCVE
RedhatCVE
added 2025/02/05 7:12 a.m.6 views

CVE-2024-32738

A sql injection vulnerability exists in CyberPower PowerPanel Enterprise prior to v2.8.3. An unauthenticated remote attacker can leak sensitive information via the "queryptasklean" function within MCUDBHelper...

7.5CVSS6.9AI score0.04515EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 7:7 a.m.6 views

CVE-2024-32736

A sql injection vulnerability exists in CyberPower PowerPanel Enterprise prior to v2.8.3. An unauthenticated remote attacker can leak sensitive information via the "queryutaskverbose" function within MCUDBHelper...

7.5CVSS6.9AI score0.05408EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 7:6 a.m.6 views

CVE-2024-32053

Hard-coded credentials are used by the CyberPower PowerPanel platform to authenticate to the database, other services, and the cloud. This could result in an attacker gaining access to services with the privileges of a Powerpanel business application...

9.8CVSS6.9AI score0.00474EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 7:3 a.m.5 views

CVE-2024-32737

A sql injection vulnerability exists in CyberPower PowerPanel Enterprise prior to v2.8.3. An unauthenticated remote attacker can leak sensitive information via the "querycontractresult" function within MCUDBHelper...

7.5CVSS6.9AI score0.05408EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 6:54 a.m.6 views

CVE-2024-32047

Hard-coded credentials for the CyberPower PowerPanel test server can be found in the production code. This might result in an attacker gaining access to the testing or production server...

9.8CVSS6.9AI score0.00513EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 6:52 a.m.8 views

CVE-2024-32739

A sql injection vulnerability exists in CyberPower PowerPanel Enterprise prior to v2.8.3. An unauthenticated remote attacker can leak sensitive information via the "queryptaskverbose" function within MCUDBHelper...

7.5CVSS6.9AI score0.05408EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 2:47 a.m.7 views

CVE-2024-33625

CyberPower PowerPanel business application code contains a hard-coded JWT signing key. This could result in an attacker forging JWT tokens to bypass authentication...

9.8CVSS7AI score0.00523EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 2:38 a.m.8 views

CVE-2024-33615

A specially crafted Zip file containing path traversal characters can be imported to the CyberPower PowerPanel server, which allows file writing to the server outside the intended scope, and could allow an attacker to achieve remote code execution...

8.8CVSS7.5AI score0.00713EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 1:40 a.m.5 views

CVE-2024-11322

A denial-of-service vulnerability exists in CyberPower PowerPanel Business PPB 4.11.0. An unauthenticated remote attacker can restart the ppbd.exe process via the PowerPanel Business Service Watchdog service listening on TCP port 2003. The attacker can repeatedly restart ppbd.exe to render it...

7.5CVSS7AI score0.00598EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 12:27 a.m.7 views

CVE-2024-31410

The devices which CyberPower PowerPanel manages use identical certificates based on a hard-coded cryptographic key. This can allow an attacker to impersonate any client in the system and send malicious data...

7.7CVSS6.9AI score0.002EPSS
Exploits0References1
VulnCheck KEV
VulnCheck KEV
added 2025/01/22 12:0 a.m.4 views

VulnCheck KEV: CVE-2024-32736

A sql injection vulnerability exists in CyberPower PowerPanel Enterprise prior to v2.8.3. An unauthenticated remote attacker can leak sensitive information via the "queryutaskverbose" function within MCUDBHelper...

7.5CVSS5.8AI score0.05408EPSS
Exploits0References1
VulnCheck KEV
VulnCheck KEV
added 2025/01/22 12:0 a.m.7 views

VulnCheck KEV: CVE-2024-32739

A sql injection vulnerability exists in CyberPower PowerPanel Enterprise prior to v2.8.3. An unauthenticated remote attacker can leak sensitive information via the "queryptaskverbose" function within MCUDBHelper...

7.5CVSS5.8AI score0.05408EPSS
Exploits0References1
VulnCheck KEV
VulnCheck KEV
added 2025/01/22 12:0 a.m.6 views

VulnCheck KEV: CVE-2024-32738

A sql injection vulnerability exists in CyberPower PowerPanel Enterprise prior to v2.8.3. An unauthenticated remote attacker can leak sensitive information via the "queryptasklean" function within MCUDBHelper...

7.5CVSS5.8AI score0.04515EPSS
Exploits0References1
NVD
NVD
added 2025/01/15 2:15 p.m.10 views

CVE-2024-11322

A denial-of-service vulnerability exists in CyberPower PowerPanel Business PPB 4.11.0. An unauthenticated remote attacker can restart the ppbd.exe process via the PowerPanel Business Service Watchdog service listening on TCP port 2003. The attacker can repeatedly restart ppbd.exe to render it...

7.5CVSS0.00598EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/01/15 2:3 p.m.3 views

CVE-2024-11322 CyberPower PowerPanel Business Unauthenticated Restart DoS

A denial-of-service vulnerability exists in CyberPower PowerPanel Business PPB 4.11.0. An unauthenticated remote attacker can restart the ppbd.exe process via the PowerPanel Business Service Watchdog service listening on TCP port 2003. The attacker can repeatedly restart ppbd.exe to render it...

7.5CVSS7.5AI score0.00598EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/01/15 2:3 p.m.15 views

CVE-2024-11322 CyberPower PowerPanel Business Unauthenticated Restart DoS

A denial-of-service vulnerability exists in CyberPower PowerPanel Business PPB 4.11.0. An unauthenticated remote attacker can restart the ppbd.exe process via the PowerPanel Business Service Watchdog service listening on TCP port 2003. The attacker can repeatedly restart ppbd.exe to render it...

7.5CVSS0.00598EPSS
Exploits0References1
CVE
CVE
added 2025/01/15 2:3 p.m.52 views

CVE-2024-11322

CyberPower PowerPanel Business (PPB) 4.11.0 has an unauthenticated DoS that allows a remote attacker to restart the ppbd.exe process via the PowerPanel Business Service Watchdog on TCP port 2003, rendering the service unavailable. The root cause is an authorization/restart capability within the w...

7.5CVSS7.5AI score0.00598EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/01/15 12:0 a.m.3 views

PT-2025-1636 · Cyberpower · Cyberpower Powerpanel Business

Name of the Vulnerable Software and Affected Versions: CyberPower PowerPanel Business version 4.11.0 Description: A denial-of-service issue exists, allowing an unauthenticated remote attacker to restart the ppbd.exe process via the PowerPanel Business Service Watchdog service listening on TCP por...

7.5CVSS6.4AI score0.00598EPSS
Exploits0References5
NVD
NVD
added 2024/05/15 8:15 p.m.13 views

CVE-2024-34025

CyberPower PowerPanel business application code contains a hard-coded set of authentication credentials. This could result in an attacker bypassing authentication and gaining administrator privileges...

9.8CVSS9.7AI score0.00564EPSS
Exploits0References2
OSV
OSV
added 2024/05/15 8:15 p.m.6 views

CVE-2024-32047

Hard-coded credentials for the CyberPower PowerPanel test server can be found in the production code. This might result in an attacker gaining access to the testing or production server...

9.8CVSS5.7AI score0.00513EPSS
Exploits0References2
Rows per page
Query Builder