Dataprobe iBoot-PDU FW versions prior to 1.42.06162022...
Moderate severity
Unreviewed
Published
Dec 22, 2022
to the GitHub Advisory Database
•
Updated Jan 28, 2023
Description
Published by the National Vulnerability Database
Dec 21, 2022
Published to the GitHub Advisory Database
Dec 22, 2022
Last updated
Jan 28, 2023
Dataprobe iBoot-PDU FW versions prior to 1.42.06162022 contain a vulnerability where unauthenticated users could open PHP index pages without authentication and download the history file from the device; the history file includes the latest actions completed by specific users.
References