A specially crafted Zip file containing path traversal characters can be
imported to the
CyberPower PowerPanel
server, which allows file writing to the server outside
the intended scope, and could allow an attacker to achieve remote code
execution.
References
Configurations
No configuration.
History
21 Nov 2024, 09:17
Type | Values Removed | Values Added |
---|---|---|
References | () https://www.cisa.gov/news-events/ics-advisories/icsa-24-123-01 - | |
References | () https://www.cyberpower.com/global/en/product/sku/powerpanel_business_for_windows#downloads - |
16 May 2024, 13:03
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
15 May 2024, 20:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-05-15 20:15
Updated : 2024-11-21 09:17
NVD link : CVE-2024-33615
Mitre link : CVE-2024-33615
CVE.ORG link : CVE-2024-33615
JSON object : View
Products Affected
No product.
CWE
CWE-23
Relative Path Traversal