Vulnerability Description
A specially crafted Zip file containing path traversal characters can be imported to the CyberPower PowerPanel server, which allows file writing to the server outside the intended scope, and could allow an attacker to achieve remote code execution.
CVSS Score
HIGH
Related Weaknesses (CWE)
References
- https://www.cisa.gov/news-events/ics-advisories/icsa-24-123-01
- https://www.cyberpower.com/global/en/product/sku/powerpanel_business_for_windows
- https://www.cisa.gov/news-events/ics-advisories/icsa-24-123-01
- https://www.cyberpower.com/global/en/product/sku/powerpanel_business_for_windows
FAQ
What is CVE-2024-33615?
CVE-2024-33615 is a vulnerability with a CVSS score of 8.8 (HIGH). A specially crafted Zip file containing path traversal characters can be imported to the CyberPower PowerPanel server, which allows file writing to the server outside the intended scope, and coul...
How severe is CVE-2024-33615?
CVE-2024-33615 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2024-33615?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.