Unrated severityNVD Advisory· Published May 9, 2024· Updated Aug 2, 2024

CyberPower PowerPanel Enterprise Missing Authentication

CVE-2024-32735

Description

An issue regarding missing authentication for certain utilities exists in CyberPower PowerPanel Enterprise prior to v2.8.3. An unauthenticated remote attacker can access the PDNU REST APIs, which may result in compromise of the application.

Affected products

Cyberpower/Cyberpower Powerpanel Enterprisev5
Range: 0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.cyberpower.com/global/en/File/GetFileSampleByTypemitre
www.tenable.com/security/research/tra-2024-14mitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.057
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000