Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
| # | POC Description | Source Link | Shenlong Link |
|---|---|---|---|
| 1 | Powertek PDU身份绕过 | https://github.com/Henry4E36/CVE-2022-33174 | POC Details |
| 2 | Powertek firmware (multiple brands) before 3.30.30 running Power Distribution Units are vulnerable to authorization bypass in the web interface. To exploit the vulnerability, an attacker must send an HTTP packet to the data retrieval interface (/cgi/get_param.cgi) with the tmpToken cookie set to an empty string followed by a semicolon. This bypasses an active session authorization check. This can be then used to fetch the values of protected sys.passwd and sys.su.name fields that contain the username and password in cleartext. | https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2022/CVE-2022-33174.yaml | POC Details |
No public POC found.
Login to generate AI POCNo comments yet