PT-2022-4840 · Dataprobe · Dataprobe Iboot Pdu

Name of the Vulnerable Software and Affected Versions: Dataprobe iBoot-PDU FW versions prior to 1.42.06162022 Description: The issue is related to the device's existing firmware, which allows unauthenticated users to access an old PHP page vulnerable to directory traversal. This may enable a user...

PT-2022-4839 · Dataprobe · Iboot-Pdu

Name of the Vulnerable Software and Affected Versions: Dataprobe iBoot-PDU FW versions prior to 1.42.06162022 Description: The issue is related to a vulnerability in the web interface of the iBoot-PDU managed power distribution unit, which is associated with the possibility of command injection...

CISA Releases Eight industrial Control Systems Advisories

CISA has released eight 8 Industrial Control Systems ICS advisories on September 20, 2022. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisories...

Dataprobe iBootBar Authorization Vulnerability

Dataprobe iBootBar is a remote power management solution from Dataprobe USA that provides serial ports, optional internal modem and DTMF audio dialing control. A security vulnerability exists in Dataprobe iBootBar using the 2007-09-20 beta firmware. A remote attacker can exploit this vulnerabilit...

Authentication flaw

Dataprobe iBootBar with 2007-09-20 and possibly later beta firmware allows remote attackers to bypass authentication, and conduct power-cycle attacks on connected devices, via a DCCOOKIE cookie...

Authentication flaw

Dataprobe iBootBar with 2007-09-20 and possibly later released firmware allows remote attackers to bypass authentication, and conduct power-cycle attacks on connected devices, via a DCRABBIT cookie...

CVE-2007-6760

Dataprobe iBootBar with 2007-09-20 and possibly later beta firmware allows remote attackers to bypass authentication, and conduct power-cycle attacks on connected devices, via a DCCOOKIE cookie...

CVE-2007-6759

Dataprobe iBootBar with 2007-09-20 and possibly later released firmware allows remote attackers to bypass authentication, and conduct power-cycle attacks on connected devices, via a DCRABBIT cookie...

CVE-2007-6759

Dataprobe iBootBar (firmware 2007-09-20 and possibly later) is affected by CVE-2007-6759, enabling remote authentication bypass and power-cycle attacks on connected devices via a DCRABBIT cookie. The available sources describe the vulnerability and impact (authentication bypass, device reboot/pow...

CVE-2007-6760

Dataprobe iBootBar is affected: on devices running 2007-09-20 beta firmware (and possibly later), remote attackers can bypass authentication and trigger power-cycle actions on connected devices via a DCCOOKIE cookie. The issue is documented across multiple sources (NVD/CNVD/PRION/CVELIST) with hi...

CVE-2007-6759

Dataprobe iBootBar with 2007-09-20 and possibly later released firmware allows remote attackers to bypass authentication, and conduct power-cycle attacks on connected devices, via a DCRABBIT cookie...

CVE-2007-6760

Dataprobe iBootBar with 2007-09-20 and possibly later beta firmware allows remote attackers to bypass authentication, and conduct power-cycle attacks on connected devices, via a DCCOOKIE cookie...

SHDesigns Resident Download Manager does not authenticate firmware downloads

Overview SHDesigns' Resident Download Manager as well as the Ethernet Download Manager does not authenticate firmware downloads before executing code and deploying them to devices. Description CWE-494: Download of Code Without Integrity Check- CVE-2016-6567SHDesigns' Resident Download Manager...