Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
CVE-2022-47311
Vulnerability Description
A proprietary protocol for iBoot devices is used for control and keepalive commands. The function compares the username and password; it also contains the configuration data for the user specified. If the user does not exist, then it sends a value for username and password, which allows successful authentication for a connection.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N
Vulnerability Type
N/A
Vulnerability Title
Dataprobe iBoot-PDU 安全漏洞
Vulnerability Description
Dataprobe iBoot-PDU是美国Dataprobe公司的一种可通过 Web 访问的受管 PDU 独立控制的插座。 Dataprobe iBoot-PDU FW 1.42.06162022 之前版本存在安全漏洞,该漏洞源于iBoot 设备的专有协议用于控制和保持活动命令,函数会比较用户名和密码,同时还包含指定用户的配置数据,如果用户不存在,则会发送用户名和密码的值,从而允许成功验证连接。
CVSS Information
N/A
Vulnerability Type
N/A