104 matches found
CVE-2022-3187
Dataprobe iBoot-PDU FW versions prior to 1.42.06162022 contain a vulnerability where certain PHP pages only validate when a valid connection is established with the database. However, these PHP pages do not verify the validity of a user. Attackers could leverage this lack of verification to read...
CVE-2022-3187
The CVE-2022-3187 issue affects Dataprobe iBoot-PDU FW versions prior to 1.42.06162022. The vulnerability arises because certain PHP pages only validate when a valid database connection exists, but do not verify the user, allowing an attacker to read the state of outlets. The Red Hat/NVD and ICS ...
CVE-2022-3186
Dataprobe iBoot-PDU FW versions prior to 1.42.06162022 contain a vulnerability where the affected product allows an attacker to access the device’s main management page from the cloud. This feature enables users to remotely connect devices, however, the current implementation permits users to...
CVE-2022-3186
Dataprobe iBoot-PDU FW versions prior to 1.42.06162022 are affected by CVE-2022-3186 (Improper Access Control). The device’s main management page could be accessed from the cloud, enabling attackers to view other devices’ information. Affected product: Dataprobe iBoot-PDU firmware prior to 1.42.0...
CVE-2022-3186
Dataprobe iBoot-PDU FW versions prior to 1.42.06162022 contain a vulnerability where the affected product allows an attacker to access the device’s main management page from the cloud. This feature enables users to remotely connect devices, however, the current implementation permits users to...
CVE-2022-3185
Dataprobe iBoot-PDU FW versions prior to 1.42.06162022 contain a vulnerability where the affected product exposes sensitive data concerning the device...
CVE-2022-3185
Dataprobe iBoot-PDU FW versions prior to 1.42.06162022 contain a vulnerability where the affected product exposes sensitive data concerning the device...
CVE-2022-3185
CVE-2022-3185 affects Dataprobe iBoot-PDU FW versions prior to 1.42.06162022, where the device exposes sensitive data. The ICS/Redhat/NVD entries describe this vulnerability as an information disclosure issue (CVE-2022-3185) within the broader iBoot-PDU flaw set. Mitigation documented in PT-2022-...
CVE-2022-3184
Dataprobe iBoot-PDU FW versions prior to 1.42.06162022 contain a vulnerability where the device’s existing firmware allows unauthenticated users to access an old PHP page vulnerable to directory traversal, which may allow a user to write a file to the webroot directory...
CVE-2022-3184
Dataprobe iBoot-PDU FW versions prior to 1.42.06162022 are affected by CVE-2022-3184, a path traversal vulnerability that allows unauthenticated access to an old PHP page and could let an attacker write a file to the webroot. Affected product: Dataprobe iBoot-PDU firmware before 1.42.06162022. Im...
CVE-2022-3184
Dataprobe iBoot-PDU FW versions prior to 1.42.06162022 contain a vulnerability where the device’s existing firmware allows unauthenticated users to access an old PHP page vulnerable to directory traversal, which may allow a user to write a file to the webroot directory...
CVE-2022-3183
Dataprobe iBoot-PDU FW versions prior to 1.42.06162022 contain a vulnerability where a specific function does not sanitize the input provided by the user, which may expose the affected to an OS command injection vulnerability...
CVE-2022-3183
Dataprobe iBoot-PDU FW versions prior to 1.42.06162022 are affected by CVE-2022-3183, an OS command injection vulnerability in a user-input handling function. The issue enables unauthenticated command execution via the device’s web interface, as documented by CISA ICS and NVD summaries. Affected ...
CVE-2022-3183
Dataprobe iBoot-PDU FW versions prior to 1.42.06162022 contain a vulnerability where a specific function does not sanitize the input provided by the user, which may expose the affected to an OS command injection vulnerability...
PT-2022-20960 · Dataprobe · Dataprobe Iboot Pdu
Name of the Vulnerable Software and Affected Versions: Dataprobe iBoot-PDU FW versions prior to 1.42.06162022 Description: The affected product allows an attacker to access the device's main management page from the cloud. This feature enables users to remotely connect devices, however, the curre...
PT-2022-20963 · Dataprobe · Dataprobe Iboot Pdu
Name of the Vulnerable Software and Affected Versions: Dataprobe iBoot-PDU FW versions prior to 1.42.06162022 Description: The issue arises from certain PHP pages only validating when a valid connection is established with the database, but not verifying the validity of a user. This lack of...
Dataprobe iBoot-PDU 路径遍历漏洞
The Dataprobe iBoot-PDU is a web-accessible managed PDU independently controlled outlet from Dataprobe USA. A path traversal vulnerability exists in the Dataprobe iBoot-PDU FW that stems from its firmware allowing unauthenticated users to access old PHP pages susceptible to directory traversal,...
Dataprobe iBoot-PDU 操作系统命令注入漏洞
The Dataprobe iBoot-PDU is a web-accessible managed PDU independently controlled outlet from Dataprobe USA. The Dataprobe iBoot-PDU FW suffers from an operating system command injection vulnerability that stems from the fact that certain specific functions do not sanitize user-supplied input, whi...
PT-2022-4839 · Dataprobe · Iboot-Pdu
Name of the Vulnerable Software and Affected Versions: Dataprobe iBoot-PDU FW versions prior to 1.42.06162022 Description: The issue is related to a vulnerability in the web interface of the iBoot-PDU managed power distribution unit, which is associated with the possibility of command injection...
Dataprobe iBoot-PDU 代码问题漏洞
The Dataprobe iBoot-PDU is a web-accessible managed PDU independently controlled outlet from Dataprobe USA. A code issue vulnerability exists in the Dataprobe iBoot-PDU FW that stems from the fact that an attacker can create URLs capable of changing host parameters via a carefully crafted PHP...