Approved changes feed: RSS · Atom

cpe:2.3:a:cyberpower:powerpanel:*:*:*:*:business:virtual_machine:*:*

part: a version: * update: *

VendorCyberpower (2a62c9be-26e1-571c-92ea-27ab54316d46)
ProductPowerpanel (92695e17-3806-556b-898b-a5df47f3cfcd)
Edition*
Language*
Software editionbusiness
Target softwarevirtual_machine
Target hardware*
Other*
NotesImported from purl2cpe mapping

PURL mappings

PURLSourceLast updated
pkg:github/nathanvaughn/powerpanel-business-docker purl2cpe 2026-06-01 10:16:33.643719

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2023-25133 vulnerable 2026-06-08 05:56:08.551078 Improper privilege management vulnerability in CyberPower PowerPanel Business
CRITICAL (9.1)
Improper privilege management vulnerability in default.cmd file in PowerPanel Business Local/Remote for Windows v4.8.6 and earlier, PowerPanel Business Management for Windows v4.8.6 and earlier, PowerPanel Business Local/Remote for Linux 32bit v4.8.6 and earlier, PowerPanel Business Local/Remote for Linux 64bit v4.8.6 and earlier, PowerPanel Business Management for Linux 32bit v4.8.6 and earlier, PowerPanel Business Management for Linux 64bit v4.8.6 and earlier, PowerPanel Business Local/Remote for MacOS v4.8.6 and earlier, and PowerPanel Business Management for MacOS v4.8.6 and earlier allows remote attackers to execute operation system commands via unspecified vectors.
Published: 2023-04-24T00:00:00.000Z
Updated: 2025-02-04T17:22:44.012Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2023-25132 vulnerable 2026-06-08 05:56:08.550412 Unrestricted upload of file with dangerous type vulnerability in CyberPower PowerPanel Business
CRITICAL (9.1)
Unrestricted upload of file with dangerous type vulnerability in default.cmd file in PowerPanel Business Local/Remote for Windows v4.8.6 and earlier, PowerPanel Business Management for Windows v4.8.6 and earlier, PowerPanel Business Local/Remote for Linux 32bit v4.8.6 and earlier, PowerPanel Business Local/Remote for Linux 64bit v4.8.6 and earlier, PowerPanel Business Management for Linux 32bit v4.8.6 and earlier, PowerPanel Business Management for Linux 64bit v4.8.6 and earlier, PowerPanel Business Local/Remote for MacOS v4.8.6 and earlier, and PowerPanel Business Management for MacOS v4.8.6 and earlier allows remote attackers to execute operation system commands via unspecified vectors.
Published: 2023-04-24T00:00:00.000Z
Updated: 2025-02-04T17:25:19.666Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2023-25131 vulnerable 2026-06-08 05:56:08.549296 Use of default password vulnerability in CyberPower PowerPanel Business
CRITICAL (9.4)
Use of default password vulnerability in PowerPanel Business Local/Remote for Windows v4.8.6 and earlier, PowerPanel Business Management for Windows v4.8.6 and earlier, PowerPanel Business Local/Remote for Linux 32bit v4.8.6 and earlier, PowerPanel Business Local/Remote for Linux 64bit v4.8.6 and earlier, PowerPanel Business Management for Linux 32bit v4.8.6 and earlier, PowerPanel Business Management for Linux 64bit v4.8.6 and earlier, PowerPanel Business Local/Remote for MacOS v4.8.6 and earlier, and PowerPanel Business Management for MacOS v4.8.6 and earlier allows remote attackers to log in to the server directly to perform administrative functions. Upon installation or upon first login, the application does not ask the user to change the 'admin' password.
Published: 2023-04-24T00:00:00.000Z
Updated: 2025-02-04T17:25:51.219Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.