Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An authentication bypass exists on CyberPower PowerPanel Enterprise by failing to sanitize meta-characters from the username, allowing an attacker to login into the application with the default user "cyberpower" by appending a non-printable character.An unauthenticated attacker can leverage this vulnerability to log in to the CypberPower PowerPanel Enterprise as an administrator with hardcoded default credentials.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
转义、元或控制序列转义处理不恰当
Vulnerability Title
Cyber Power Systems CyberPower PowerPanel Enterprise 安全漏洞
Vulnerability Description
Cyber Power Systems CyberPower PowerPanel Business Edition是美国Cyber Power Systems公司的一套电源管理软件。该软件可自动关闭物理和虚拟基础架构、并监控和管理CyberPower UPS系统和网络连接的PDU(电源分配单元)。 CyberPower PowerPanel Enterprise 存在安全漏洞,该漏洞源于无法清理用户名中的元字符,允许攻击者通过附加不可打印的字符使用默认用户cyberpower登录应用程序,攻击者
CVSS Information
N/A
Vulnerability Type
N/A