Description

The Dataprobe iBoot PDU running firmware version 1.43.03312023 or earlier contains a buffer overflow vulnerability in the librta.so.0.0.0 library.Successful exploitation could cause denial of service or unexpected behavior with respect to all interactions relying on the targeted vulnerable binary, including the ability to log in via the web server.

Related CPE's

a

cyberpower

powerpanel_server

*

*

*

*

enterprise

Vulnerable

o

dataprobe

iboot-pdu4a-c10_firmware

Vulnerable

h

dataprobe

iboot-pdu4a-c10

-

o

dataprobe

iboot-pdu4a-c20_firmware

Vulnerable

h

dataprobe

iboot-pdu4a-c20

-

o

dataprobe

iboot-pdu4a-n15_firmware

Vulnerable

h

dataprobe

iboot-pdu4a-n15

-

o

dataprobe

iboot-pdu4a-n20_firmware

Vulnerable

h

dataprobe

iboot-pdu4a-n20

-

o

dataprobe

iboot-pdu4-c20_firmware

Vulnerable

h

dataprobe

iboot-pdu4-c20

-

o

dataprobe

iboot-pdu4-n20_firmware

Vulnerable

h

dataprobe

iboot-pdu4-n20

-

o

dataprobe

iboot-pdu4sa-c10_firmware

Vulnerable

h

dataprobe

iboot-pdu4sa-c10

-

o

dataprobe

iboot-pdu4sa-c20_firmware

Vulnerable

h

dataprobe

iboot-pdu4sa-c20

-

o

dataprobe

iboot-pdu4sa-n15_firmware

Vulnerable

h

dataprobe

iboot-pdu4sa-n15

-

o

dataprobe

iboot-pdu4sa-n20_firmware

Vulnerable

h

dataprobe

iboot-pdu4sa-n20

-

o

dataprobe

iboot-pdu8a-2c10_firmware

Vulnerable

h

dataprobe

iboot-pdu8a-2c10

-

o

dataprobe

iboot-pdu8a-2c20_firmware

Vulnerable

h

dataprobe

iboot-pdu8a-2c20

-

o

dataprobe

iboot-pdu8a-2n15_firmware

Vulnerable

h

dataprobe

iboot-pdu8a-2n15

-

o

dataprobe

iboot-pdu8a-2n20_firmware

Vulnerable

h

dataprobe

iboot-pdu8a-2n20

-

o

dataprobe

iboot-pdu8a-c10_firmware

Vulnerable

h

dataprobe

iboot-pdu8a-c10

-

o

dataprobe

iboot-pdu8a-c20_firmware

Vulnerable

h

dataprobe

iboot-pdu8a-c20

-

o

dataprobe

iboot-pdu8a-n15_firmware

Vulnerable

h

dataprobe

iboot-pdu8a-n15

-

o

dataprobe

iboot-pdu8a-n20_firmware

Vulnerable

h

dataprobe

iboot-pdu8a-n20

-

o

dataprobe

iboot-pdu8sa-2n15_firmware

Vulnerable

h

dataprobe

iboot-pdu8sa-2n15

-

o

dataprobe

iboot-pdu8sa-c10_firmware

Vulnerable

h

dataprobe

iboot-pdu8sa-c10

-

o

dataprobe

iboot-pdu8sa-n15_firmware

Vulnerable

h

dataprobe

iboot-pdu8sa-n15

-

o

dataprobe

iboot-pdu8sa-n20_firmware

Vulnerable

h

dataprobe

iboot-pdu8sa-n20

-

References

https://www.trellix.com/en-us/about/newsroom/stories/research/the-threat-lurking-in-data-centers.html

Vendor Advisory

Weaknesses

[email protected]

Primary
CWE-78

[email protected]

Secondary
CWE-119

CVSS impact metrics

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

7.2 · High

  • CVSS V3.1

  • CVSS V3.0

  • CVSS V2.0

Information

Source identifier

[email protected]

Vulnerability status

Modified

Published

2023-08-14T04:15:10.940

11 months ago

Last modified

2023-08-25T06:15:08.990

11 months ago