cbcvebase.
CVE-2022-3183
published 2022-12-21

CVE-2022-3183: Dataprobe iBoot-PDU FW versions prior to 1.42.06162022 contain a vulnerability where a specific function does not sanitize the input provided by the user…

PriorityP262critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
1.57%
72.4th percentile
Dataprobe iBoot-PDU FW versions prior to 1.42.06162022 contain a vulnerability where a specific function does not sanitize the input provided by the user, which may expose the affected to an OS command injection vulnerability.

Affected

13 ranges
VendorProductVersion rangeFixed in
dataprobeiboot-pdu4-n20_firmware< 1.42.061620221.42.06162022
dataprobeiboot-pdu4a-n15_firmware< 1.42.061620221.42.06162022
dataprobeiboot-pdu4a-n20_firmware< 1.42.061620221.42.06162022
dataprobeiboot-pdu4sa-n15_firmware< 1.42.061620221.42.06162022
dataprobeiboot-pdu4sa-n20_firmware< 1.42.061620221.42.06162022
dataprobeiboot-pdu8a-2n15_firmware< 1.42.061620221.42.06162022
dataprobeiboot-pdu8a-2n20_firmware< 1.42.061620221.42.06162022
dataprobeiboot-pdu8a-n15_firmware< 1.42.061620221.42.06162022
dataprobeiboot-pdu8a-n20_firmware< 1.42.061620221.42.06162022
dataprobeiboot-pdu8sa-2n15_firmware< 1.42.061620221.42.06162022
dataprobeiboot-pdu8sa-n15_firmware< 1.42.061620221.42.06162022
dataprobeiboot-pdu8sa-n20_firmware< 1.42.061620221.42.06162022
dataprobeiboot-pdu_fw<= 1.42.06162022
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.