Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 14/08/2023 Updated: 25/08/2023

CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8

VMScore: 0

The Dataprobe iBoot PDU running firmware version 1.43.03312023 or earlier is vulnerable to command injection via the `user-name` URL parameter. An authenticated malicious agent can exploit this vulnerability to execute arbitrary command on the underlying Linux operating system.

Vulnerable Product	Search on Vulmon	Subscribe to Product
cyberpower powerpanel server
dataprobe iboot-pdu4a-c10_firmware
dataprobe iboot-pdu4a-c20_firmware
dataprobe iboot-pdu4a-n15_firmware
dataprobe iboot-pdu4a-n20_firmware
dataprobe iboot-pdu4-c20_firmware
dataprobe iboot-pdu4-n20_firmware
dataprobe iboot-pdu4sa-c10_firmware
dataprobe iboot-pdu4sa-c20_firmware
dataprobe iboot-pdu4sa-n15_firmware
dataprobe iboot-pdu4sa-n20_firmware
dataprobe iboot-pdu8a-2c10_firmware
dataprobe iboot-pdu8a-2c20_firmware
dataprobe iboot-pdu8a-2n15_firmware
dataprobe iboot-pdu8a-2n20_firmware
dataprobe iboot-pdu8a-c10_firmware
dataprobe iboot-pdu8a-c20_firmware
dataprobe iboot-pdu8a-n15_firmware
dataprobe iboot-pdu8a-n20_firmware
dataprobe iboot-pdu8sa-2n15_firmware
dataprobe iboot-pdu8sa-c10_firmware
dataprobe iboot-pdu8sa-n15_firmware
dataprobe iboot-pdu8sa-n20_firmware

CWE-78 https://www.trellix.com/en-us/about/newsroom/stories/research/the-threat-lurking-in-data-centers.html https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2023-3260

Vulnerability Summary

References

Vulmon Search

About

Products

Connect