Powertekpdus

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2022-33175 1Powertekpdus 7Basic Pdu Firmware Piml Pdu FirmwarePm Pdu Firmware+4 more Nov 21, 2024 Jun 13, 2022 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Power Distribution Units running on Powertek firmware (multiple brands) before 3.30.30 have an insecure permissions setting on the user.token field that is accessible to everyone through the /cgi/get_param.cgi HTTP API....Show more Power Distribution Units running on Powertek firmware (multiple brands) before 3.30.30 have an insecure permissions setting on the user.token field that is accessible to everyone through the /cgi/get_param.cgi HTTP API. This leads to disclosing active session ids of currently logged-in administrators. The session id can then be reused to act as the administrator, allowing reading of the cleartext password, or reconfiguring the device.Show less
CVE-2022-33174 1Powertekpdus 7Basic Pdu Firmware Piml Pdu FirmwarePm Pdu Firmware+4 more Nov 21, 2024 Jun 13, 2022 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 Power Distribution Units running on Powertek firmware (multiple brands) before 3.30.30 allows remote authorization bypass in the web interface. To exploit the vulnerability, an attacker must send an HTTP packet to the da...Show more Power Distribution Units running on Powertek firmware (multiple brands) before 3.30.30 allows remote authorization bypass in the web interface. To exploit the vulnerability, an attacker must send an HTTP packet to the data retrieval interface (/cgi/get_param.cgi) with the tmpToken cookie set to an empty string followed by a semicolon. This bypasses an active session authorization check. This can be then used to fetch the values of protected sys.passwd and sys.su.name fields that contain the username and password in cleartext.Show less

CVE

VENDORS

PRODUCTS

UPDATED

PUBLISHED

CVSS

CVE-2022-33175

1Powertekpdus

7Basic Pdu Firmware

Piml Pdu FirmwarePm Pdu Firmware+4 more

Nov 21, 2024

Jun 13, 2022

N/A· v4

9.8 CRITICAL· v3

7.5 HIGH· v2

Power Distribution Units running on Powertek firmware (multiple brands) before 3.30.30 have an insecure permissions setting on the user.token field that is accessible to everyone through the /cgi/get_param.cgi HTTP API. This leads to disclosing active session ids of currently logged-in administrators. The session id can then be reused to act as the administrator, allowing reading of the cleartext password, or reconfiguring the device.Show less

CVE-2022-33174

1Powertekpdus

7Basic Pdu Firmware

Piml Pdu FirmwarePm Pdu Firmware+4 more

Nov 21, 2024

Jun 13, 2022

N/A· v4

7.5 HIGH· v3

5.0 MEDIUM· v2

Power Distribution Units running on Powertek firmware (multiple brands) before 3.30.30 allows remote authorization bypass in the web interface. To exploit the vulnerability, an attacker must send an HTTP packet to the data retrieval interface (/cgi/get_param.cgi) with the tmpToken cookie set to an empty string followed by a semicolon. This bypasses an active session authorization check. This can be then used to fetch the values of protected sys.passwd and sys.su.name fields that contain the username and password in cleartext.Show less