Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The Dataprobe iBoot PDU running firmware version 1.43.03312023 or earlier uses hard-coded credentials for all interactions with the internal Postgres database. A malicious agent with the ability to execute operating system commands on the device can leverage this vulnerability to read, modify, or delete arbitrary database records.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
使用硬编码的凭证
Vulnerability Title
Dataprobe 信任管理问题漏洞
Vulnerability Description
Dataprobe是美国Dataprobe公司的一系列智能电源开关和管理产品。 Dataprobe iBoot PDU 1.43.03312023 及之前版本存在信任管理问题漏洞,该漏洞源于容易受到 REST API 中身份验证绕过的攻击,攻击者利用该漏洞可以获取有效的授权令牌并读取与该身份验证相关的信息,继电器和配电的状态。
CVSS Information
N/A
Vulnerability Type
N/A