2May
CVE-2024-34025 | CyberPower PowerPanel up to 4.9.0 JWT Signing Key hard-coded password (icsa-24-123-01)
A vulnerability has been found in CyberPower PowerPanel up to 4.9.0 and classified as very critical. Affected by this vulnerability is an unknown functionality of the component JWT Signing Key Handler. The manipulation leads to use of hard-coded password. This vulnerability is known as CVE-2024-34025. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.