Vulnerability CVE-2024-33615


Published: 2024-05-15

Description:
A specially crafted Zip file containing path traversal characters can be
imported to the
CyberPower PowerPanel

server, which allows file writing to the server outside
the intended scope, and could allow an attacker to achieve remote code
execution.

Type:

CWE-23

(Relative Path Traversal)

 References:
https://www.cisa.gov/news-events/ics-advisories/icsa-24-123-01
https://www.cyberpower.com/global/en/product/sku/powerpanel_business_for_windows#downloads

Copyright 2026, cxsecurity.com

 

Back to Top