The Dataprobe iBoot PDU running firmware version 1.43.03312023 or earlier uses hard-coded credentials for all interactions with the internal Postgres database. A malicious agent with the ability to execute operating system commands on the device can leverage this vulnerability to read, modify, or delete arbitrary database records.
oryginał ENCVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:HCyberpower Powerpanel Server
APPCyberpower< 2.6.9Dataprobe Iboot Pdu4a C10
HWDataprobewszystkie wersjeDataprobe Iboot Pdu4a C10 Firmware
OSDataprobe< 1.44.0804202Dataprobe Iboot Pdu4a C20
HWDataprobewszystkie wersjeDataprobe Iboot Pdu4a C20 Firmware
OSDataprobe< 1.44.0804202Dataprobe Iboot Pdu4a N15
HWDataprobewszystkie wersjeDataprobe Iboot Pdu4a N15 Firmware
OSDataprobe< 1.44.0804202Dataprobe Iboot Pdu4a N20
HWDataprobewszystkie wersjeDataprobe Iboot Pdu4a N20 Firmware
OSDataprobe< 1.44.0804202Dataprobe Iboot Pdu4 C20
HWDataprobewszystkie wersjeDataprobe Iboot Pdu4 C20 Firmware
OSDataprobe< 1.44.0804202Dataprobe Iboot Pdu4 N20
HWDataprobewszystkie wersjeDataprobe Iboot Pdu4 N20 Firmware
OSDataprobe< 1.44.0804202Dataprobe Iboot Pdu4sa C10
HWDataprobewszystkie wersjeDataprobe Iboot Pdu4sa C10 Firmware
OSDataprobe< 1.44.0804202Dataprobe Iboot Pdu4sa C20
HWDataprobewszystkie wersjeDataprobe Iboot Pdu4sa C20 Firmware
OSDataprobe< 1.44.0804202Dataprobe Iboot Pdu4sa N15
HWDataprobewszystkie wersjeDataprobe Iboot Pdu4sa N15 Firmware
OSDataprobe< 1.44.0804202Dataprobe Iboot Pdu4sa N20
HWDataprobewszystkie wersjeDataprobe Iboot Pdu4sa N20 Firmware
OSDataprobe< 1.44.0804202Dataprobe Iboot Pdu8a 2c10
HWDataprobewszystkie wersjeDataprobe Iboot Pdu8a 2c10 Firmware
OSDataprobe< 1.44.0804202Dataprobe Iboot Pdu8a 2c20
HWDataprobewszystkie wersjeDataprobe Iboot Pdu8a 2c20 Firmware
OSDataprobe< 1.44.0804202Dataprobe Iboot Pdu8a 2n15
HWDataprobewszystkie wersjeDataprobe Iboot Pdu8a 2n15 Firmware
OSDataprobe< 1.44.0804202Dataprobe Iboot Pdu8a 2n20
HWDataprobewszystkie wersjeDataprobe Iboot Pdu8a 2n20 Firmware
OSDataprobe< 1.44.0804202Dataprobe Iboot Pdu8a C10
HWDataprobewszystkie wersje
Powiązane podatności
A non-feature complete authentication mechanism exists in the production application allowing an attacker to b...
When adding a remote backup location, an authenticated user can pass arbitrary OS commands through the usernam...
An authentication bypass exists on CyberPower PowerPanel Enterprise by failing to sanitize meta-characters fro...
The Dataprobe iBoot PDU running firmware version 1.43.03312023 or earlier is vulnerable to authentication bypa...
Dataprobe iBoot-PDU FW versions prior to 1.42.06162022 contain a vulnerability where a specific function does ...