VYPR
Unrated severityNVD Advisory· Published Dec 21, 2022· Updated Apr 15, 2025

CVE-2022-3189

CVE-2022-3189

Description

Dataprobe iBoot-PDU FW versions prior to 1.42.06162022 contain a vulnerability where a specially crafted PHP script could use parameters from a HTTP request to create a URL capable of changing the host parameter. The changed host parameter in the HTTP could point to another host that will send a request to the host or IP specified in the changed host parameter.

Affected products

2
  • C Data/Iboot Pdu Fwllm-fuzzy2 versions
    <1.42.06162022+ 1 more
    • (no CPE)range: <1.42.06162022
    • (no CPE)range: 0

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.