CVE-2022-33175
CVSS v3.1 base score: 9.8 (Critical)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploitability: 3.9 / Impact: 5.9
Source: NVD
Description
Power Distribution Units running Powertek firmware (multiple brands) before 3.30.30 have an insecure permissions setting on the user.token field, which is accessible to everyone through the /cgi/get_param.cgi HTTP API. This discloses the active session IDs of currently logged-in administrators. A disclosed session ID can then be reused to act as the administrator, allowing the cleartext password to be read or the device to be reconfigured.
Affected (7)
Configuration A

| Vulnerable Software | Affected Versions |
|---|---|
| Powertek firmware | Before 3.30.30 |

| Running on/with | Platform Versions |
|---|---|
| Powertekpdus Basic Pdu | All versions |

Configuration B

| Vulnerable Software | Affected Versions |
|---|---|
| Powertek firmware | Before 3.30.30 |

| Running on/with | Platform Versions |
|---|---|
| Powertekpdus Pm Pdu | All versions |

Configuration C

| Vulnerable Software | Affected Versions |
|---|---|
| Powertek firmware | Before 3.30.30 |

| Running on/with | Platform Versions |
|---|---|
| Powertekpdus Piml Pdu | All versions |

Configuration D

| Vulnerable Software | Affected Versions |
|---|---|
| Powertek firmware | Before 3.30.30 |

| Running on/with | Platform Versions |
|---|---|
| Powertekpdus Smart Pim | All versions |

Configuration E

| Vulnerable Software | Affected Versions |
|---|---|
| Powertek firmware | Before 3.30.30 |

| Running on/with | Platform Versions |
|---|---|
| Powertekpdus Smart Pos | All versions |

Configuration F

| Vulnerable Software | Affected Versions |
|---|---|
| Powertek firmware | Before 3.30.30 |

| Running on/with | Platform Versions |
|---|---|
| Powertekpdus Smart Pom | All versions |

Configuration G

| Vulnerable Software | Affected Versions |
|---|---|
| Powertek firmware | Before 3.30.30 |

| Running on/with | Platform Versions |
|---|---|
| Powertekpdus Smart Poms | All versions |
References (2)
Source: af854a3a-2127-422b-91ae-364da2661108
Tags: Exploit, Third Party Advisory
Timeline
No history available yet.