CVE-2022-3183

Name of the Vulnerable Software and Affected Versions Dataprobe iBoot-PDU FW versions prior to 1.42.06162022

Description The issue is related to a vulnerability in the web interface of the iBoot-PDU managed power distribution unit, which is associated with the possibility of command injection. This vulnerability may allow a remote attacker to inject operating system commands due to a specific function not sanitizing user input.

Recommendations For versions prior to 1.42.06162022, update to version 1.42.06162022 or later to resolve the issue. As a temporary workaround, consider restricting access to the vulnerable function to minimize the risk of exploitation.