Lucene search
K

104 matches found

Cvelist
Cvelist
added 2022/12/21 10:29 p.m.33 views

CVE-2022-3187

Dataprobe iBoot-PDU FW versions prior to 1.42.06162022 contain a vulnerability where certain PHP pages only validate when a valid connection is established with the database. However, these PHP pages do not verify the validity of a user. Attackers could leverage this lack of verification to read...

5.3CVSS5.5AI score0.00452EPSS
Exploits0References1
CVE
CVE
added 2022/12/21 10:29 p.m.82 views

CVE-2022-3187

The CVE-2022-3187 issue affects Dataprobe iBoot-PDU FW versions prior to 1.42.06162022. The vulnerability arises because certain PHP pages only validate when a valid database connection exists, but do not verify the user, allowing an attacker to read the state of outlets. The Red Hat/NVD and ICS ...

5.3CVSS5.2AI score0.00452EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/12/21 10:28 p.m.24 views

CVE-2022-3186

Dataprobe iBoot-PDU FW versions prior to 1.42.06162022 contain a vulnerability where the affected product allows an attacker to access the device’s main management page from the cloud. This feature enables users to remotely connect devices, however, the current implementation permits users to...

8.6CVSS8.6AI score0.00571EPSS
Exploits0References1
CVE
CVE
added 2022/12/21 10:28 p.m.60 views

CVE-2022-3186

Dataprobe iBoot-PDU FW versions prior to 1.42.06162022 are affected by CVE-2022-3186 (Improper Access Control). The device’s main management page could be accessed from the cloud, enabling attackers to view other devices’ information. Affected product: Dataprobe iBoot-PDU firmware prior to 1.42.0...

8.6CVSS7.3AI score0.00571EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2022/12/21 10:28 p.m.8 views

CVE-2022-3186

Dataprobe iBoot-PDU FW versions prior to 1.42.06162022 contain a vulnerability where the affected product allows an attacker to access the device’s main management page from the cloud. This feature enables users to remotely connect devices, however, the current implementation permits users to...

8.6CVSS6.9AI score0.00571EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/12/21 10:28 p.m.26 views

CVE-2022-3185

Dataprobe iBoot-PDU FW versions prior to 1.42.06162022 contain a vulnerability where the affected product exposes sensitive data concerning the device...

5.3CVSS5.5AI score0.00477EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2022/12/21 10:28 p.m.8 views

CVE-2022-3185

Dataprobe iBoot-PDU FW versions prior to 1.42.06162022 contain a vulnerability where the affected product exposes sensitive data concerning the device...

5.3CVSS6.9AI score0.00477EPSS
Exploits0References1
CVE
CVE
added 2022/12/21 10:28 p.m.67 views

CVE-2022-3185

CVE-2022-3185 affects Dataprobe iBoot-PDU FW versions prior to 1.42.06162022, where the device exposes sensitive data. The ICS/Redhat/NVD entries describe this vulnerability as an information disclosure issue (CVE-2022-3185) within the broader iBoot-PDU flaw set. Mitigation documented in PT-2022-...

5.3CVSS5.2AI score0.00477EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/12/21 10:26 p.m.35 views

CVE-2022-3184

Dataprobe iBoot-PDU FW versions prior to 1.42.06162022 contain a vulnerability where the device’s existing firmware allows unauthenticated users to access an old PHP page vulnerable to directory traversal, which may allow a user to write a file to the webroot directory...

9.8CVSS9.6AI score0.11626EPSS
Exploits0References1
CVE
CVE
added 2022/12/21 10:26 p.m.87 views

CVE-2022-3184

Dataprobe iBoot-PDU FW versions prior to 1.42.06162022 are affected by CVE-2022-3184, a path traversal vulnerability that allows unauthenticated access to an old PHP page and could let an attacker write a file to the webroot. Affected product: Dataprobe iBoot-PDU firmware before 1.42.06162022. Im...

9.8CVSS9.3AI score0.11626EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2022/12/21 10:26 p.m.7 views

CVE-2022-3184

Dataprobe iBoot-PDU FW versions prior to 1.42.06162022 contain a vulnerability where the device’s existing firmware allows unauthenticated users to access an old PHP page vulnerable to directory traversal, which may allow a user to write a file to the webroot directory...

9.8CVSS7.3AI score0.11626EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2022/12/21 10:24 p.m.8 views

CVE-2022-3183

Dataprobe iBoot-PDU FW versions prior to 1.42.06162022 contain a vulnerability where a specific function does not sanitize the input provided by the user, which may expose the affected to an OS command injection vulnerability...

9.8CVSS7.6AI score0.01575EPSS
Exploits0References1
CVE
CVE
added 2022/12/21 10:24 p.m.87 views

CVE-2022-3183

Dataprobe iBoot-PDU FW versions prior to 1.42.06162022 are affected by CVE-2022-3183, an OS command injection vulnerability in a user-input handling function. The issue enables unauthenticated command execution via the device’s web interface, as documented by CISA ICS and NVD summaries. Affected ...

9.8CVSS9.6AI score0.01575EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/12/21 10:24 p.m.27 views

CVE-2022-3183

Dataprobe iBoot-PDU FW versions prior to 1.42.06162022 contain a vulnerability where a specific function does not sanitize the input provided by the user, which may expose the affected to an OS command injection vulnerability...

9.8CVSS9.9AI score0.01575EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/12/21 12:0 a.m.12 views

PT-2022-20960 · Dataprobe · Dataprobe Iboot Pdu

Name of the Vulnerable Software and Affected Versions: Dataprobe iBoot-PDU FW versions prior to 1.42.06162022 Description: The affected product allows an attacker to access the device's main management page from the cloud. This feature enables users to remotely connect devices, however, the curre...

8.6CVSS7.5AI score0.00571EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2022/12/21 12:0 a.m.7 views

PT-2022-20963 · Dataprobe · Dataprobe Iboot Pdu

Name of the Vulnerable Software and Affected Versions: Dataprobe iBoot-PDU FW versions prior to 1.42.06162022 Description: The issue arises from certain PHP pages only validating when a valid connection is established with the database, but not verifying the validity of a user. This lack of...

5.3CVSS5.2AI score0.00452EPSS
Exploits0References4
CNNVD
CNNVD
added 2022/09/20 12:0 a.m.5 views

Dataprobe iBoot-PDU 路径遍历漏洞

The Dataprobe iBoot-PDU is a web-accessible managed PDU independently controlled outlet from Dataprobe USA. A path traversal vulnerability exists in the Dataprobe iBoot-PDU FW that stems from its firmware allowing unauthenticated users to access old PHP pages susceptible to directory traversal,...

9.8CVSS8.6AI score0.11626EPSS
Exploits0References4
CNNVD
CNNVD
added 2022/09/20 12:0 a.m.5 views

Dataprobe iBoot-PDU 操作系统命令注入漏洞

The Dataprobe iBoot-PDU is a web-accessible managed PDU independently controlled outlet from Dataprobe USA. The Dataprobe iBoot-PDU FW suffers from an operating system command injection vulnerability that stems from the fact that certain specific functions do not sanitize user-supplied input, whi...

9.8CVSS8.6AI score0.01575EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2022/09/20 12:0 a.m.5 views

PT-2022-4839 · Dataprobe · Iboot-Pdu

Name of the Vulnerable Software and Affected Versions: Dataprobe iBoot-PDU FW versions prior to 1.42.06162022 Description: The issue is related to a vulnerability in the web interface of the iBoot-PDU managed power distribution unit, which is associated with the possibility of command injection...

9.8CVSS9.5AI score0.01575EPSS
Exploits0References8
CNNVD
CNNVD
added 2022/09/20 12:0 a.m.5 views

Dataprobe iBoot-PDU 代码问题漏洞

The Dataprobe iBoot-PDU is a web-accessible managed PDU independently controlled outlet from Dataprobe USA. A code issue vulnerability exists in the Dataprobe iBoot-PDU FW that stems from the fact that an attacker can create URLs capable of changing host parameters via a carefully crafted PHP...

5.3CVSS6.2AI score0.00484EPSS
Exploits0References5
Rows per page
Query Builder