PT-2022-21723 · Unknown+1 · Power Distribution Units+1

Gynvael Coldwind · Published 2022-06-13 · Updated 2022-09-02 · CVE-2022-33174

CVSS v3.1: 9.8 Critical

Vector: AC:L/AV:N/A:H/C:H/I:H/PR:N/S:U/UI:N
Name of the Vulnerable Software and Affected Versions

Power Distribution Units running on Powertek firmware versions prior to 3.30.30

Description

The issue allows remote authorization bypass in the web interface. An attacker can exploit this by sending an HTTP packet to the "cgi/get param.cgi" endpoint with the tmpToken cookie set to an empty string followed by a semicolon, bypassing an active session authorization check. This can then be used to fetch the values of protected fields sys.passwd and sys.su.name that contain the username and password in cleartext.

Recommendations

For versions prior to 3.30.30, update to version 3.30.30 or later to resolve the issue. As a temporary workaround, consider restricting access to the "cgi/get param.cgi" endpoint to minimize the risk of exploitation. Avoid using the tmpToken cookie with an empty string followed by a semicolon in the affected API endpoint until the issue is resolved.
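A check for the request pattern described above, written for captured HTTP request heads (for example from a reverse proxy in front of the PDU). It is an added example, not part of the original advisory or the vendor's code. The sample requests, host name and token value are constructed, and the underscore in the sample path is an assumption, since the page prints the endpoint as "cgi/get param.cgi".

```python
import re
from urllib.parse import unquote

# The page prints the endpoint as "cgi/get param.cgi". The character between
# "get" and "param" is matched loosely; the underscore in the samples is assumed.
ENDPOINT_RE = re.compile(r"/cgi/get.param\.cgi")
# tmpToken cookie with an empty value followed by a semicolon, as described.
EMPTY_TOKEN_RE = re.compile(r"(?:^|;)\s*tmpToken\s*=\s*;")

def parse_request(raw):
    """Return (decoded request target, list of Cookie header values)."""
    lines = raw.split("\r\n\r\n", 1)[0].split("\r\n")
    parts = lines[0].split(" ")
    target = unquote(parts[1]) if len(parts) >= 2 else ""
    cookies = []
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if sep and name.strip().lower() == "cookie":
            cookies.append(value.strip())
    return target, cookies

def is_bypass_attempt(raw):
    """True when the request hits the endpoint with an empty tmpToken cookie."""
    target, cookies = parse_request(raw)
    if not ENDPOINT_RE.search(target):
        return False
    return any(EMPTY_TOKEN_RE.search(c) for c in cookies)

def scan(requests):
    """Indices of the requests that match the pattern."""
    return [i for i, raw in enumerate(requests) if is_bypass_attempt(raw)]

# Constructed sample requests (host name and token value are made up).
SAMPLES = [
    "GET /cgi/get_param.cgi HTTP/1.1\r\nHost: pdu.example\r\nCookie: tmpToken=;\r\n\r\n",
    "GET /cgi/get_param.cgi HTTP/1.1\r\nHost: pdu.example\r\nCookie: tmpToken=3f9a1c\r\n\r\n",
    "GET /index.html HTTP/1.1\r\nHost: pdu.example\r\nCookie: tmpToken=;\r\n\r\n",
    "GET /cgi/get%5Fparam.cgi HTTP/1.1\r\nHost: pdu.example\r\ncookie: lang=en; tmpToken= ;\r\n\r\n",
    "GET /cgi/get_param.cgi HTTP/1.1\r\nHost: pdu.example\r\n\r\n",
]

if __name__ == "__main__":
    for i in scan(SAMPLES):
        print("flag request", i, "->", SAMPLES[i].split("\r\n")[0])
```

The same two patterns can be reused as a blocking rule on a proxy for devices that cannot yet be updated to 3.30.30.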

Exploit

Fix

Weakness Enumeration

Incorrect Authorization

Related Identifiers

CVE-2022-33174

Affected Products

Power Distribution Units
Powertek