CVE-2023-25413

Name of the Vulnerable Software and Affected Versions Aten PE8108 version 2.4.232

Description The issue is related to insufficient protection of registration data in the web interface of the Aten PE8108 power distribution unit (PDU) software. This allows for unauthenticated access to Telnet and SNMP credentials. An attacker can exploit this issue remotely to gain access to these credentials.

Recommendations For Aten PE8108 version 2.4.232, consider restricting access to the device until a patch is available, and avoid using the Telnet and SNMP credentials in the affected web interface. As a temporary workaround, restrict access to the web interface to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.