Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cyberpower powerpanel vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-3266
A non-feature complete authentication mechanism exists in the production application allowing an malicious user to bypass all authentication checks if LDAP authentication is selected.An unauthenticated attacker can leverage this vulnerability to log in to the CypberPower PowerPan...
Cyberpower Powerpanel Server
9.8
CVSSv3
CVE-2023-3265
An authentication bypass exists on CyberPower PowerPanel Enterprise by failing to sanitize meta-characters from the username, allowing an malicious user to login into the application with the default user "cyberpower" by appending a non-printable character.An unauthenti...
Cyberpower Powerpanel Server
9.8
CVSSv3
CVE-2023-3264
The Dataprobe iBoot PDU running firmware version 1.43.03312023 or earlier uses hard-coded credentials for all interactions with the internal Postgres database. A malicious agent with the ability to execute operating system commands on the device can leverage this vulnerability to...
Cyberpower Powerpanel Server
Dataprobe Iboot-pdu4a-c10 Firmware
Dataprobe Iboot-pdu4a-c20 Firmware
Dataprobe Iboot-pdu4a-n15 Firmware
Dataprobe Iboot-pdu4a-n20 Firmware
Dataprobe Iboot-pdu4-c20 Firmware
Dataprobe Iboot-pdu4-n20 Firmware
Dataprobe Iboot-pdu4sa-c10 Firmware
Dataprobe Iboot-pdu4sa-c20 Firmware
Dataprobe Iboot-pdu4sa-n15 Firmware
Dataprobe Iboot-pdu4sa-n20 Firmware
Dataprobe Iboot-pdu8a-2c10 Firmware
Dataprobe Iboot-pdu8a-2c20 Firmware
Dataprobe Iboot-pdu8a-2n15 Firmware
Dataprobe Iboot-pdu8a-2n20 Firmware
Dataprobe Iboot-pdu8a-c10 Firmware
Dataprobe Iboot-pdu8a-c20 Firmware
Dataprobe Iboot-pdu8a-n15 Firmware
Dataprobe Iboot-pdu8a-n20 Firmware
Dataprobe Iboot-pdu8sa-2n15 Firmware
Dataprobe Iboot-pdu8sa-c10 Firmware
Dataprobe Iboot-pdu8sa-n15 Firmware
9.8
CVSSv3
CVE-2023-25133
Improper privilege management vulnerability in default.cmd file in PowerPanel Business Local/Remote for Windows v4.8.6 and previous versions, PowerPanel Business Management for Windows v4.8.6 and previous versions, PowerPanel Business Local/Remote for Linux 32bit v4.8.6 and previ...
Cyberpower Powerpanel
9.8
CVSSv3
CVE-2023-25132
Unrestricted upload of file with dangerous type vulnerability in default.cmd file in PowerPanel Business Local/Remote for Windows v4.8.6 and previous versions, PowerPanel Business Management for Windows v4.8.6 and previous versions, PowerPanel Business Local/Remote for Linux 32bi...
Cyberpower Powerpanel
9.8
CVSSv3
CVE-2023-25131
Use of default password vulnerability in PowerPanel Business Local/Remote for Windows v4.8.6 and previous versions, PowerPanel Business Management for Windows v4.8.6 and previous versions, PowerPanel Business Local/Remote for Linux 32bit v4.8.6 and previous versions, PowerPanel B...
Cyberpower Powerpanel
8.8
CVSSv3
CVE-2023-3267
When adding a remote backup location, an authenticated user can pass arbitrary OS commands through the username field. The username is passed without sanitization into CMD running as NT/Authority System. An authenticated attacker can leverage this vulnerability to execute arbitra...
Cyberpower Powerpanel Server
8.8
CVSSv3
CVE-2023-3260
The Dataprobe iBoot PDU running firmware version 1.43.03312023 or earlier is vulnerable to command injection via the `user-name` URL parameter. An authenticated malicious agent can exploit this vulnerability to execute arbitrary command on the underlying Linux operating system.
Cyberpower Powerpanel Server
Dataprobe Iboot-pdu4a-c10 Firmware
Dataprobe Iboot-pdu4a-c20 Firmware
Dataprobe Iboot-pdu4a-n15 Firmware
Dataprobe Iboot-pdu4a-n20 Firmware
Dataprobe Iboot-pdu4-c20 Firmware
Dataprobe Iboot-pdu4-n20 Firmware
Dataprobe Iboot-pdu4sa-c10 Firmware
Dataprobe Iboot-pdu4sa-c20 Firmware
Dataprobe Iboot-pdu4sa-n15 Firmware
Dataprobe Iboot-pdu4sa-n20 Firmware
Dataprobe Iboot-pdu8a-2c10 Firmware
Dataprobe Iboot-pdu8a-2c20 Firmware
Dataprobe Iboot-pdu8a-2n15 Firmware
Dataprobe Iboot-pdu8a-2n20 Firmware
Dataprobe Iboot-pdu8a-c10 Firmware
Dataprobe Iboot-pdu8a-c20 Firmware
Dataprobe Iboot-pdu8a-n15 Firmware
Dataprobe Iboot-pdu8a-n20 Firmware
Dataprobe Iboot-pdu8sa-2n15 Firmware
Dataprobe Iboot-pdu8sa-c10 Firmware
Dataprobe Iboot-pdu8sa-n15 Firmware
8.8
CVSSv3
CVE-2019-13071
CSRF in the Agent/Center component of CyberPower PowerPanel Business Edition 3.4.0 allows an malicious user to submit POST requests to any forms in the web application. This can be exploited by tricking an authenticated user into visiting an attacker controlled web page.
Cyberpowersystems Powerpanel 3.4.0
7.2
CVSSv3
CVE-2023-3261
The Dataprobe iBoot PDU running firmware version 1.43.03312023 or earlier contains a buffer overflow vulnerability in the librta.so.0.0.0 library.Successful exploitation could cause denial of service or unexpected behavior with respect to all interactions relying on the targeted ...
Cyberpower Powerpanel Server
Dataprobe Iboot-pdu4a-c10 Firmware
Dataprobe Iboot-pdu4a-c20 Firmware
Dataprobe Iboot-pdu4a-n15 Firmware
Dataprobe Iboot-pdu4a-n20 Firmware
Dataprobe Iboot-pdu4-c20 Firmware
Dataprobe Iboot-pdu4-n20 Firmware
Dataprobe Iboot-pdu4sa-c10 Firmware
Dataprobe Iboot-pdu4sa-c20 Firmware
Dataprobe Iboot-pdu4sa-n15 Firmware
Dataprobe Iboot-pdu4sa-n20 Firmware
Dataprobe Iboot-pdu8a-2c10 Firmware
Dataprobe Iboot-pdu8a-2c20 Firmware
Dataprobe Iboot-pdu8a-2n15 Firmware
Dataprobe Iboot-pdu8a-2n20 Firmware
Dataprobe Iboot-pdu8a-c10 Firmware
Dataprobe Iboot-pdu8a-c20 Firmware
Dataprobe Iboot-pdu8a-n15 Firmware
Dataprobe Iboot-pdu8a-n20 Firmware
Dataprobe Iboot-pdu8sa-2n15 Firmware
Dataprobe Iboot-pdu8sa-c10 Firmware
Dataprobe Iboot-pdu8sa-n15 Firmware
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »