An authentication bypass exists on CyberPower PowerPanel Enterprise by failing to sanitize meta-characters from the username, allowing an attacker to login into the application with the default user cyberpower by appending a non-printable character.An unauthenticated attacker can leverage this vulnerability to log in to the CypberPower PowerPanel Enterprise as an administrator with hardcoded default credentials.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Powerpanel_server | Cyberpower | * | 2.6.9 (excluding) |