Title:Cyber Power Systems PowerPanel Enterprise 安全漏洞 (CVE-2024-32736) Description:Cyber Power Systems PowerPanel Enterprise是Cyber Power Systems公司的一个旨在提供实时 PUE、PUE 趋势和总能源使用趋势的软件。 Cyber Power Systems PowerPanel Enterprise v2.8.3 版本之前存在安全漏洞,该漏洞源于 MCUDBHelper 模块的 query_utask_verbose 方法存在 SQL 注入漏洞。攻击者利用该漏洞可以泄露敏感信息。
Description
A sql injection vulnerability exists in CyberPower PowerPanel Enterprise prior to .
1. It is advised to access via the original source first.2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.