← Volver a CVEs
CVE-2024-32047
CRITICAL9.8
Descripcion
Hard-coded credentials for the CyberPower PowerPanel test server can be found in the production code. This might result in an attacker gaining access to the testing or production server.
Detalles CVE
Puntuacion CVSS v3.19.8
SeveridadCRITICAL
Vector CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vector de ataqueNETWORK
ComplejidadLOW
Privilegios requeridosNONE
Interaccion usuarioNONE
Publicado5/15/2024
Ultima modificacion7/30/2025
Fuentenvd
Avistamientos honeypot0
Productos afectados
cyberpower:powerpanel
Debilidades (CWE)
CWE-489
Referencias
https://www.cisa.gov/news-events/ics-advisories/icsa-24-123-01(ics-cert@hq.dhs.gov)
https://www.cyberpower.com/global/en/product/sku/powerpanel_business_for_windows#downloads(ics-cert@hq.dhs.gov)
https://www.cisa.gov/news-events/ics-advisories/icsa-24-123-01(af854a3a-2127-422b-91ae-364da2661108)
https://www.cyberpower.com/global/en/product/sku/powerpanel_business_for_windows#downloads(af854a3a-2127-422b-91ae-364da2661108)
Correlaciones IOC
Sin correlaciones registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.