An authentication bypass exists on CyberPower PowerPanel Enterprise by failing to sanitize meta-characters from the username, allowing an attacker to login into the application with the default user "cyberpower" by appending a non-printable character.An unauthenticated attacker can leverage this vulnerability to log in to the CypberPower PowerPanel Enterprise as an administrator with hardcoded default credentials.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: trellix
Published: 2023-08-14T04:08:06.402Z
Updated: 2024-08-02T06:48:08.459Z
Reserved: 2023-06-15T06:50:34.078Z
Link: CVE-2023-3265
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2023-08-14T05:15:09.987
Modified: 2023-08-22T16:20:24.977
Link: CVE-2023-3265
Redhat
No data.