Title:Cyber Power Systems PowerPanel Enterprise 安全漏洞 (CVE-2024-32739) Description:Cyber Power Systems PowerPanel Enterprise是Cyber Power Systems公司的一个旨在提供实时 PUE、PUE 趋势和总能源使用趋势的软件。 Cyber Power Systems PowerPanel Enterprise v2.8.3 版本之前存在安全漏洞,该漏洞源于 MCUDBHelper 模块的 query_ptask_verbose 方法存在 SQL 注入漏洞。攻击者利用该漏洞可以泄露敏感信息。
Description
A sql injection vulnerability exists in CyberPower PowerPanel Enterprise prior to v2.8.3.
1. It is advised to access via the original source first.2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.