Dataprobe Iboot-pdu8sa-n15 Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Dataprobe Iboot-pdu8sa-n15 Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (18)
CVE-2022-3183 — CVSS 9.8 (critical): Dataprobe iBoot-PDU FW versions prior to 1.42.06162022 contain a vulnerability where a specific function does not sanitize the input…
CVE-2022-3184 — CVSS 9.8 (critical): Dataprobe iBoot-PDU FW versions prior to 1.42.06162022 contain a vulnerability where the device’s existing firmware allows…
CVE-2023-3259 — CVSS 9.8 (critical): The Dataprobe iBoot PDU running firmware version 1.43.03312023 or earlier is vulnerable to authentication bypass. By manipulating the IP…
CVE-2022-3186 — CVSS 8.6 (high): Dataprobe iBoot-PDU FW versions prior to 1.42.06162022 contain a vulnerability where the affected product allows an attacker to access the…
CVE-2022-47311 — CVSS 8.5 (high): A proprietary protocol for iBoot devices is used for control and keepalive commands. The function compares the username and password; it…
CVE-2022-47320 — CVSS 8.1 (high): The iBoot device’s basic discovery protocol assists in initial device configuration. The discovery protocol shows basic information about…
CVE-2023-3261 — CVSS 7.5 (high): The Dataprobe iBoot PDU running firmware version 1.43.03312023 or earlier contains a buffer overflow vulnerability in the librta.so.0.0.0…
CVE-2023-3263 — CVSS 7.5 (high): The Dataprobe iBoot PDU running firmware version 1.43.03312023 or earlier is vulnerable to authentication bypass in the REST API due to the…
CVE-2022-46738 — CVSS 7.2 (high): The affected product exposes multiple sensitive data fields of the affected product. An attacker can use the SNMP command to get device mac…
CVE-2023-3260 — CVSS 7.2 (high): The Dataprobe iBoot PDU running firmware version 1.43.03312023 or earlier is vulnerable to command injection via the `user-name` URL…
CVE-2023-3264 — CVSS 6.7 (medium): The Dataprobe iBoot PDU running firmware version 1.43.03312023 or earlier uses hard-coded credentials for all interactions with the…
CVE-2023-3262 — CVSS 6.7 (medium): The Dataprobe iBoot PDU running firmware version 1.43.03312023 or earlier uses hard-coded credentials for all interactions with the…
CVE-2022-4945 — CVSS 6.5 (medium): The Dataprobe cloud usernames and passwords are stored in plain text in a specific file. Any user able to read this specific file from the…
CVE-2022-46658 — CVSS 6.5 (medium): The affected product is vulnerable to a stack-based buffer overflow which could lead to a denial of service or remote code execution.
CVE-2022-3185 — CVSS 5.3 (medium): Dataprobe iBoot-PDU FW versions prior to 1.42.06162022 contain a vulnerability where the affected product exposes sensitive data concerning…
CVE-2022-3188 — CVSS 5.3 (medium): Dataprobe iBoot-PDU FW versions prior to 1.42.06162022 contain a vulnerability where unauthenticated users could open PHP index pages…
CVE-2022-3187 — CVSS 5.3 (medium): Dataprobe iBoot-PDU FW versions prior to 1.42.06162022 contain a vulnerability where certain PHP pages only validate when a valid…
CVE-2022-3189 — CVSS 5.3 (medium): Dataprobe iBoot-PDU FW versions prior to 1.42.06162022 contain a vulnerability where a specially crafted PHP script could use parameters…