Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CyberPower — Vulnerabilities & Security Advisories 20

Browse all 20 CVE security advisories affecting CyberPower. AI-powered Chinese analysis, POCs, and references for each vulnerability.

CyberPower Systems manufactures uninterruptible power supplies (UPS) and power distribution units primarily for commercial and residential energy backup. The company’s network-connected management software and firmware have historically exposed devices to significant security risks, resulting in twenty recorded Common Vulnerabilities and Exposures. These flaws predominantly involve remote code execution, cross-site scripting, and privilege escalation, often stemming from inadequate input validation and weak authentication mechanisms in web interfaces. While no widespread public breaches have been widely reported, the presence of these vulnerabilities allows attackers to potentially gain unauthorized control over power management systems, disrupting critical infrastructure operations. The recurring nature of these issues highlights persistent challenges in securing embedded IoT devices with limited patching cycles. Users are advised to isolate these devices on segmented networks and regularly update firmware to mitigate exploitation risks associated with the identified software defects.

Top products by CyberPower: PowerPanel business CyberPower PowerPanel Enterprise PowerPanel Business Local / Remote PowerPanel Enterprise
CVE IDTitleCVSSSeverityPublished
CVE-2024-31409 CyberPower PowerPanel business Incorrect Authorization — PowerPanel businessCWE-863 6.5 Medium2024-05-15
CVE-2024-31410 CyberPower PowerPanel business Use of Hard-coded Cryptographic Key — PowerPanel businessCWE-321 7.7 High2024-05-15
CVE-2024-31856 CyberPower PowerPanel business SQL Injection — PowerPanel businessCWE-89 8.8 High2024-05-15
CVE-2024-32042 CyberPower PowerPanel business Storing Passwords in a Recoverable Format — PowerPanel businessCWE-257 4.9 Medium2024-05-15
CVE-2024-32047 CyberPower PowerPanel business Active Debug Code — PowerPanel businessCWE-489 9.8 Critical2024-05-15
CVE-2024-32053 CyberPower PowerPanel business Use of Hard-coded Credentials — PowerPanel businessCWE-798 9.8 Critical2024-05-15
CVE-2024-33615 CyberPower PowerPanel business Relative Path Traversal — PowerPanel businessCWE-23 8.8 High2024-05-15
CVE-2024-33625 CyberPower PowerPanel business Use of Hard-coded Password — PowerPanel businessCWE-259 9.8 Critical2024-05-15
CVE-2024-34025 CyberPower PowerPanel business Use of Hard-coded Password — PowerPanel businessCWE-259 9.8 Critical2024-05-15
CVE-2024-32739 CyberPower PowerPanel Enterprise SQL Injection — CyberPower PowerPanel Enterprise 7.5 High2024-05-09
CVE-2024-32738 CyberPower PowerPanel Enterprise SQL Injection — CyberPower PowerPanel Enterprise 7.5 High2024-05-09
CVE-2024-32737 CyberPower PowerPanel Enterprise SQL Injection — CyberPower PowerPanel Enterprise 7.5 High2024-05-09
CVE-2024-32736 CyberPower PowerPanel Enterprise SQL Injection — CyberPower PowerPanel Enterprise 7.5 High2024-05-09
CVE-2024-32735 CyberPower PowerPanel Enterprise Missing Authentication — CyberPower PowerPanel Enterprise 9.8 Critical2024-05-09
CVE-2023-3267 CyberPower PowerPanel Business Edition 操作系统命令注入漏洞 — PowerPanel EnterpriseCWE-78 9.1 Critical2023-08-14
CVE-2023-3266 CyberPower PowerPanel Business Edition 安全漏洞 — PowerPanel EnterpriseCWE-358 9.8 Critical2023-08-14
CVE-2023-3265 Cyber Power Systems CyberPower PowerPanel Enterprise 安全漏洞 — PowerPanel EnterpriseCWE-150 9.8 Critical2023-08-14
CVE-2023-25133 Improper privilege management vulnerability in CyberPower PowerPanel Business — PowerPanel Business Local / RemoteCWE-269 9.1 Critical2023-04-24
CVE-2023-25131 Use of default password vulnerability in CyberPower PowerPanel Business — PowerPanel Business Local / RemoteCWE-1393 9.4 Critical2023-04-24
CVE-2023-25132 Unrestricted upload of file with dangerous type vulnerability in CyberPower PowerPanel Business — PowerPanel Business Local / RemoteCWE-434 9.1 Critical2023-04-24

This page lists every published CVE security advisory associated with CyberPower. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.