cbcvebase.
CVE-2022-47311
published 2023-05-22

CVE-2022-47311: A proprietary protocol for iBoot devices is used for control and keepalive commands. The function compares the username and password; it also contains the…

PriorityP353high8.8CVSS 3.1
AVNACLPRLUINSUCHIHAH
EPSS
0.52%
40.0th percentile
A proprietary protocol for iBoot devices is used for control and keepalive commands. The function compares the username and password; it also contains the configuration data for the user specified. If the user does not exist, then it sends a value for username and password, which allows successful authentication for a connection.

Affected

23 ranges
VendorProductVersion rangeFixed in
dataprobeiboot-pdu4-c20_firmware< 1.42.061620221.42.06162022
dataprobeiboot-pdu4-n20_firmware< 1.42.061620221.42.06162022
dataprobeiboot-pdu4a-c10_firmware< 1.42.061620221.42.06162022
dataprobeiboot-pdu4a-c20_firmware< 1.42.061620221.42.06162022
dataprobeiboot-pdu4a-n15_firmware< 1.42.061620221.42.06162022
dataprobeiboot-pdu4a-n20_firmware< 1.42.061620221.42.06162022
dataprobeiboot-pdu4sa-c10_firmware< 1.42.061620221.42.06162022
dataprobeiboot-pdu4sa-c20_firmware< 1.42.061620221.42.06162022
dataprobeiboot-pdu4sa-n15_firmware< 1.42.061620221.42.06162022
dataprobeiboot-pdu4sa-n20_firmware< 1.42.061620221.42.06162022
dataprobeiboot-pdu8a-2c10_firmware< 1.42.061620221.42.06162022
dataprobeiboot-pdu8a-2c20_firmware< 1.42.061620221.42.06162022
dataprobeiboot-pdu8a-2n15_firmware< 1.42.061620221.42.06162022
dataprobeiboot-pdu8a-2n20_firmware< 1.42.061620221.42.06162022
dataprobeiboot-pdu8a-c10_firmware< 1.42.061620221.42.06162022
dataprobeiboot-pdu8a-c20_firmware< 1.42.061620221.42.06162022
dataprobeiboot-pdu8a-n15_firmware< 1.42.061620221.42.06162022
dataprobeiboot-pdu8a-n20_firmware< 1.42.061620221.42.06162022
dataprobeiboot-pdu8sa-2n15_firmware< 1.42.061620221.42.06162022
dataprobeiboot-pdu8sa-c10_firmware< 1.42.061620221.42.06162022
dataprobeiboot-pdu8sa-n15_firmware< 1.42.061620221.42.06162022
dataprobeiboot-pdu8sa-n20_firmware< 1.42.061620221.42.06162022
dataprobe_incdataprobe_iboot-pdu_fw< 1.42.061620221.42.06162022
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.