153 matches found
CVE-2022-3185
Dataprobe iBoot-PDU FW versions prior to 1.42.06162022 contain a vulnerability where the affected product exposes sensitive data concerning the device...
CVE-2022-3185
Dataprobe iBoot-PDU FW versions prior to 1.42.06162022 contain a vulnerability where the affected product exposes sensitive data concerning the device...
CVE-2022-3184
Dataprobe iBoot-PDU FW versions prior to 1.42.06162022 contain a vulnerability where the device’s existing firmware allows unauthenticated users to access an old PHP page vulnerable to directory traversal, which may allow a user to write a file to the webroot directory...
CVE-2022-3184
Dataprobe iBoot-PDU FW versions prior to 1.42.06162022 are affected by CVE-2022-3184, a path traversal vulnerability that allows unauthenticated access to an old PHP page and could let an attacker write a file to the webroot. Affected product: Dataprobe iBoot-PDU firmware before 1.42.06162022. Im...
CVE-2022-3184
Dataprobe iBoot-PDU FW versions prior to 1.42.06162022 contain a vulnerability where the device’s existing firmware allows unauthenticated users to access an old PHP page vulnerable to directory traversal, which may allow a user to write a file to the webroot directory...
CVE-2022-3183
Dataprobe iBoot-PDU FW versions prior to 1.42.06162022 contain a vulnerability where a specific function does not sanitize the input provided by the user, which may expose the affected to an OS command injection vulnerability...
CVE-2022-3183
Dataprobe iBoot-PDU FW versions prior to 1.42.06162022 are affected by CVE-2022-3183, an OS command injection vulnerability in a user-input handling function. The issue enables unauthenticated command execution via the device’s web interface, as documented by CISA ICS and NVD summaries. Affected ...
CVE-2022-3183
Dataprobe iBoot-PDU FW versions prior to 1.42.06162022 contain a vulnerability where a specific function does not sanitize the input provided by the user, which may expose the affected to an OS command injection vulnerability...
PT-2022-20963 · Dataprobe · Dataprobe Iboot Pdu
Name of the Vulnerable Software and Affected Versions: Dataprobe iBoot-PDU FW versions prior to 1.42.06162022 Description: The issue arises from certain PHP pages only validating when a valid connection is established with the database, but not verifying the validity of a user. This lack of...
PT-2022-20960 · Dataprobe · Dataprobe Iboot Pdu
Name of the Vulnerable Software and Affected Versions: Dataprobe iBoot-PDU FW versions prior to 1.42.06162022 Description: The affected product allows an attacker to access the device's main management page from the cloud. This feature enables users to remotely connect devices, however, the curre...
Critical Remote Hack Flaws Found in Dataprobe's Power Distribution Units
The U.S. Cybersecurity and Infrastructure Security Agency CISA on Tuesday released an industrial control systems ICS advisory warning of seven security flaws in Dataprobe's iBoot-PDU power distribution unit product, mostly used in industrial environments and data centers. "Successful exploitation...
PT-2022-20976 · Dataprobe · Dataprobe Iboot Pdu
Name of the Vulnerable Software and Affected Versions: Dataprobe iBoot-PDU FW versions prior to 1.42.06162022 Description: The issue allows a specially crafted PHP script to use parameters from an HTTP request to create a URL capable of changing the host parameter. The changed host parameter in t...
PT-2022-20957 · Dataprobe · Dataprobe Iboot Pdu
Name of the Vulnerable Software and Affected Versions: Dataprobe iBoot-PDU FW versions prior to 1.42.06162022 Description: The affected product exposes sensitive data concerning the device. Recommendations: For versions prior to 1.42.06162022, update to version 1.42.06162022 or later to resolve t...
Dataprobe iBoot-PDU 路径遍历漏洞
The Dataprobe iBoot-PDU is a web-accessible managed PDU independently controlled outlet from Dataprobe USA. A path traversal vulnerability exists in the Dataprobe iBoot-PDU FW that stems from its firmware allowing unauthenticated users to access old PHP pages susceptible to directory traversal,...
Dataprobe iBoot-PDU 信息泄露漏洞
The Dataprobe iBoot-PDU is a web-accessible managed PDU independently controlled outlet from Dataprobe USA. An information disclosure vulnerability exists in the Dataprobe iBoot-PDU FW, which stems from the possibility that an attacker could gain access to sensitive data of the exposed device...
Dataprobe iBoot-PDU 代码问题漏洞
The Dataprobe iBoot-PDU is a web-accessible managed PDU independently controlled outlet from Dataprobe USA. A code issue vulnerability exists in the Dataprobe iBoot-PDU FW that stems from the fact that an attacker can create URLs capable of changing host parameters via a carefully crafted PHP...
Dataprobe iBoot-PDU 操作系统命令注入漏洞
The Dataprobe iBoot-PDU is a web-accessible managed PDU independently controlled outlet from Dataprobe USA. The Dataprobe iBoot-PDU FW suffers from an operating system command injection vulnerability that stems from the fact that certain specific functions do not sanitize user-supplied input, whi...
PT-2022-4839 · Dataprobe · Iboot-Pdu
Name of the Vulnerable Software and Affected Versions: Dataprobe iBoot-PDU FW versions prior to 1.42.06162022 Description: The issue is related to a vulnerability in the web interface of the iBoot-PDU managed power distribution unit, which is associated with the possibility of command injection...
PT-2022-4840 · Dataprobe · Dataprobe Iboot Pdu
Name of the Vulnerable Software and Affected Versions: Dataprobe iBoot-PDU FW versions prior to 1.42.06162022 Description: The issue is related to the device's existing firmware, which allows unauthenticated users to access an old PHP page vulnerable to directory traversal. This may enable a user...
Dataprobe iBoot-PDU 安全漏洞
The Dataprobe iBoot-PDU is a web-accessible managed PDU independently controlled outlet from Dataprobe USA. A security vulnerability exists in the Dataprobe iBoot-PDU FW that stems from allowing an attacker to access the device's main management page from the cloud. This feature allows a user to...