CVE-2023-25133

Improper privilege management vulnerability in default.cmd file in PowerPanel Business Local/Remote for Windows v4.8.6 and earlier, PowerPanel Business Management for Windows v4.8.6 and earlier, PowerPanel Business Local/Remote for Linux 32bit v4.8.6 and earlier, PowerPanel Business Local/Remote for Linux 64bit v4.8.6 and earlier, PowerPanel Business Management for Linux 32bit v4.8.6 and earlier, PowerPanel Business Management for Linux 64bit v4.8.6 and earlier, PowerPanel Business Local/Remote for MacOS v4.8.6 and earlier, and PowerPanel Business Management for MacOS v4.8.6 and earlier allows remote attackers to execute operation system commands via unspecified vectors.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:cyberpower:powerpanel:*:*:*:*:business:linux:*:*
cpe:2.3:a:cyberpower:powerpanel:*:*:*:*:business:macos:*:*
cpe:2.3:a:cyberpower:powerpanel:*:*:*:*:business:virtual_machine:*:*
cpe:2.3:a:cyberpower:powerpanel:*:*:*:*:business:windows:*:*

History

21 Nov 2024, 07:49

Type Values Removed Values Added
CVSS v2 : unknown
v3 : 9.8
v2 : unknown
v3 : 9.1
References () https://www.cyberpower.com/global/en/product/sku/powerpanel_business_for_linux#downloads - Product () https://www.cyberpower.com/global/en/product/sku/powerpanel_business_for_linux#downloads - Product
References () https://www.cyberpower.com/global/en/product/sku/powerpanel_business_for_mac#downloads - Product () https://www.cyberpower.com/global/en/product/sku/powerpanel_business_for_mac#downloads - Product
References () https://www.cyberpower.com/global/en/product/sku/powerpanel_business_for_virtual_machine#downloads - Product () https://www.cyberpower.com/global/en/product/sku/powerpanel_business_for_virtual_machine#downloads - Product
References () https://www.cyberpower.com/global/en/product/sku/powerpanel_business_for_windows#downloads - Product () https://www.cyberpower.com/global/en/product/sku/powerpanel_business_for_windows#downloads - Product
References () https://zuso.ai/Advisory/ - Third Party Advisory () https://zuso.ai/Advisory/ - Third Party Advisory

Information

Published : 2023-04-24 11:15

Updated : 2024-11-21 07:49


NVD link : CVE-2023-25133

Mitre link : CVE-2023-25133

CVE.ORG link : CVE-2023-25133


JSON object : View

Products Affected

cyberpower

  • powerpanel
CWE
CWE-269

Improper Privilege Management