CVE-2024-31856 | CyberPower PowerPanel up to 4.9.0 MQTT Message sql injection (icsa-24-123-01)

Posted by Angelo Barbosa | May 2, 2024 | CVE

A vulnerability classified as critical has been found in CyberPower PowerPanel up to 4.9.0. Affected is an unknown function of the component MQTT Message Handler. The manipulation leads to sql injection.

This vulnerability is traded as CVE-2024-31856. It is possible to launch the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-31856 | CyberPower PowerPanel up to 4.9.0 MQTT Message sql injection (icsa-24-123-01)

Related Posts

CVE-2024-11257 | 1000 Projects Beauty Parlour Management System 1.0 forgot-password.php email sql injection

CVE-2024-5654 | CF7 Google Sheets Connector Plugin up to 5.0.9 on WordPress Configuration authorization

CVE-2014-125109 | BestWebSoft Portfolio Plugin up to 2.27 bws_menu/bws_menu.php bws_add_menu_render bwsmn_form_email cross site scripting

CVE-2024-35884 | Linux Kernel up to 5.10.214/5.15.153/6.1.84/6.6.25/6.8.4 udp_gro_receive access control