PowerPanel Business 安全漏洞

Cyber Power Systems CyberPower PowerPanel Business Edition is a suite of power management software from Cyber Power Systems, USA. The software automates the shutdown of physical and virtual infrastructures and monitors and manages CyberPower UPS systems and network-connected PDUs Power Distributi...

CVE-2023-25132 Unrestricted upload of file with dangerous type vulnerability in CyberPower PowerPanel Business

Unrestricted upload of file with dangerous type vulnerability in default.cmd file in PowerPanel Business Local/Remote for Windows v4.8.6 and earlier, PowerPanel Business Management for Windows v4.8.6 and earlier, PowerPanel Business Local/Remote for Linux 32bit v4.8.6 and earlier, PowerPanel...

CyberPower PowerPanel Business Edition 代码问题漏洞

Cyber Power Systems CyberPower PowerPanel Business Edition is a suite of power management software from Cyber Power Systems, USA. The software automates the shutdown of physical and virtual infrastructures and monitors and manages CyberPower UPS systems and network-connected PDUs Power Distributi...

PT-2023-19932 · Cyberpower · Powerpanel Business Management +1

Name of the Vulnerable Software and Affected Versions: PowerPanel Business Local/Remote for Windows versions 4.8.6 and earlier PowerPanel Business Management for Windows versions 4.8.6 and earlier PowerPanel Business Local/Remote for Linux 32bit versions 4.8.6 and earlier PowerPanel Business...

PT-2023-19933 · Apple +2 · Apple Macos +3

Name of the Vulnerable Software and Affected Versions: PowerPanel Business Local/Remote for Windows versions 4.8.6 and earlier PowerPanel Business Management for Windows versions 4.8.6 and earlier PowerPanel Business Local/Remote for Linux 32bit versions 4.8.6 and earlier PowerPanel Business...

CVE-2023-25133 Improper privilege management vulnerability in CyberPower PowerPanel Business

Improper privilege management vulnerability in default.cmd file in PowerPanel Business Local/Remote for Windows v4.8.6 and earlier, PowerPanel Business Management for Windows v4.8.6 and earlier, PowerPanel Business Local/Remote for Linux 32bit v4.8.6 and earlier, PowerPanel Business Local/Remote...

Virtuozzo PowerPanel Update 2 (7.0.4-75)

The update for Virtuozzo PowerPanel introduces new features as well as a stability and usability fix. Vulnerability id: PP-664 Wrong VA agent version could be displayed after an update...

Product update: Virtuozzo PowerPanel Update 1 (7.0.4-30)

The update for Virtuozzo PowerPanel introduces new features as well as stability and usability fixes. Vulnerability id: PP-578 The 'vzapi' command to reset the backup limit to 0 could fail. Vulnerability id: PP-580 A wrong config parameter was documented for instance default backup limit...

Product update: Virtuozzo PowerPanel RTM Hotfix 8 (7.0.3-151)

The update for Virtuozzo PowerPanel introduces a security fix, a new feature, and stability and usability fixes. Vulnerability id: PP-568 PowerPanel web interface could be vulnerable to clickjacking...

[Important] [Security] Virtuozzo PowerPanel Update 1 Hotfix 2 (7.0.4-47)

The update for Virtuozzo PowerPanel introduces a new feature and a security fix. Vulnerability id: PP-647 Fortify Docker configuration in the vzapi-compute service...

Product update: Virtuozzo PowerPanel RTM Hotfix 7 (7.0.3-145)

The update for Virtuozzo PowerPanel introduces stability fixes. Vulnerability id: PP-541 PowerPanel could stop working after node reboot. Vulnerability id: PP-548 'Action Failed' response to operations on virtual environments after updating. Vulnerability id: PP-553 Warning "No handlers could be...

Product update: Virtuozzo PowerPanel Update 1 Hotfix 1 (7.0.4-39)

The update for Virtuozzo PowerPanel introduces stability and usability fixes. Vulnerability id: PP-643 Attach and detach backup tasks missing or undefined in the task log. Vulnerability id: PP-642 The 'vzapi-api' package not updated on the controller when upgrading PowerPanel. Vulnerability id:...

Product update: Virtuozzo PowerPanel RTM Hotfix 6 (7.0.3-137)

The update for Virtuozzo PowerPanel introduces stability fixes. Vulnerability id: PP-546, PP-547 Unable to update the controller...

Product update: Virtuozzo PowerPanel RTM Hotfix 5 (7.0.3-133)

The update for Virtuozzo PowerPanel introduces stability fixes. Vulnerability id: PP-521 Attempts to log in to running VMs could fail with the error "Invalid credentials". Vulnerability id: PP-536 Needed to replace old packages with their updated versions...

PowerPanel Business Edition 3.4.0 Cross Site Request Forgery Vulnerability

PowerPanel Business Edition version 3.4.0 is vulnerable to cross site request forgery vulnerability. This can be exploited by tricking an authenticated user into visiting a web page controlled by a malicious person. Exploit Title: PowerPanel Business Edition 3.4.0 - Cross Site Request Forgery...

CVE-2019-13071

CSRF in the Agent/Center component of CyberPower PowerPanel Business Edition 3.4.0 allows an attacker to submit POST requests to any forms in the web application. This can be exploited by tricking an authenticated user into visiting an attacker controlled web page...

CVE-2019-13071

CSRF in the Agent/Center component of CyberPower PowerPanel Business Edition 3.4.0 allows an attacker to submit POST requests to any forms in the web application. This can be exploited by tricking an authenticated user into visiting an attacker controlled web page...

Cross site request forgery (csrf)

CSRF in the Agent/Center component of CyberPower PowerPanel Business Edition 3.4.0 allows an attacker to submit POST requests to any forms in the web application. This can be exploited by tricking an authenticated user into visiting an attacker controlled web page...

CVE-2019-13071

CVE-2019-13071 affects PowerPanel Business Edition 3.4.0 (Agent/Center component). The vulnerability is a CSRF flaw that allows an attacker to submit POST requests to arbitrary forms within the web application by convincing an authenticated user to visit a malicious page. This can enable actions ...

CVE-2019-13071

CSRF in the Agent/Center component of CyberPower PowerPanel Business Edition 3.4.0 allows an attacker to submit POST requests to any forms in the web application. This can be exploited by tricking an authenticated user into visiting an attacker controlled web page...