Dataprobe Inc Dataprobe Iboot-Pdu Fw vulnerabilities
5 known vulnerabilities affecting dataprobe_inc/dataprobe_iboot-pdu_fw.
Total CVEs
5
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL2HIGH2MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2022-46658P3CRITICALCVSS 9.8fixed in 1.42.061620222023-05-22
CVE-2022-46658 [CRITICAL] CVE-2022-46658: The affected product is vulnerable to a stack-based buffer overflow which could lead to a denial of
The affected product is vulnerable to a stack-based buffer overflow which could lead to a denial of service or remote code execution.
nvd
CVE-2022-47311P3HIGHCVSS 8.8fixed in 1.42.061620222023-05-22
CVE-2022-47311 [HIGH] CVE-2022-47311: A proprietary protocol for iBoot devices is used for control and keepalive commands. The function co
A proprietary protocol for iBoot devices is used for control and keepalive commands. The function compares the username and password; it also contains the configuration data for the user specified. If the user does not exist, then it sends a value for username and password, which allows successful authentication for a connection.
nvd
CVE-2022-46738P3CRITICALCVSS 9.8fixed in 1.42.061620222023-05-22
CVE-2022-46738 [CRITICAL] CVE-2022-46738: The affected product exposes multiple sensitive data fields of the affected product. An attacker can
The affected product exposes multiple sensitive data fields of the affected product. An attacker can use the SNMP command to get device mac address and login as admin.
nvd
CVE-2022-47320P3HIGHCVSS 8.1fixed in 1.42.061620222023-05-22
CVE-2022-47320 [HIGH] CVE-2022-47320: The iBoot device’s basic discovery protocol assists in initial device configuration. The discovery p
The iBoot device’s basic discovery protocol assists in initial device configuration. The discovery protocol shows basic information about devices on the network and allows users to perform configuration changes.
nvd
CVE-2022-4945P4MEDIUMCVSS 6.5fixed in 1.42.061620222023-05-22
CVE-2022-4945 [MEDIUM] CVE-2022-4945: The Dataprobe cloud usernames and passwords are stored in plain text in a specific file. Any user ab
The Dataprobe cloud usernames and passwords are stored in plain text in a specific file. Any user able to read this specific file from the device could compromise other devices connected to the user's cloud.
nvd