The Dataprobe iBoot PDU running... CVE-2023-3259

- AV AC AU C I A
发布: 2023-08-14
修订: 2023-08-22

The Dataprobe iBoot PDU running firmware version 1.43.03312023 or earlier is vulnerable to authentication bypass. By manipulating the IP address field in the "iBootPduSiteAuth" cookie, a malicious agent can direct the device to connect to a rouge database.Successful exploitation allows the malicious agent to take actions with administrator privileges including, but not limited to, manipulating power levels, modifying user accounts, and exporting confidential user information

0%
暂无可用Exp或PoC
当前有44条受影响产品信息