VYPR
Vendor

Raritan

Products
10
CVEs
6
Across products
11
Status
Private

Products

10

Recent CVEs

6
  • CVE-2014-9095Nov 26, 2014
    risk 0.03cvss epss 0.02

    Multiple SQL injection vulnerabilities in Raritan Power IQ 4.1.0 and 4.2.1 allow remote attackers to execute arbitrary SQL commands via the (1) sort or (2) dir parameter to license/records.

  • CVE-2025-55703Dec 15, 2025
    risk 0.00cvss epss 0.00

    An error-based SQL injection vulnerability exists in the Sunbird Power IQ 9.2.0 API. The vulnerability is due to an outdated API endpoint that applied arrays without proper input validation. This can allow attackers to manipulate SQL queries. This has been addressed in Power IQ…

  • CVE-2018-20687Nov 18, 2019
    risk 0.00cvss epss 0.03

    An XML external entity (XXE) vulnerability in CommandCenterWebServices/.*?wsdl in Raritan CommandCenter Secure Gateway before 8.0.0 allows remote unauthenticated users to read arbitrary files or conduct server-side request forgery (SSRF) attacks via a crafted DTD in an XML…

  • CVE-2014-3901Aug 12, 2014
    risk 0.00cvss epss 0.02

    Raritan Japan Dominion KX2-101 switches before 2 allow remote attackers to cause a denial of service (device hang) via a crafted packet.

  • CVE-2014-2955Jul 14, 2014
    risk 0.00cvss epss 0.03

    Raritan PX before 1.5.11 on DPXR20A-16 devices allows remote attackers to bypass authentication and execute arbitrary IPMI commands by using cipher suite 0 (aka cipher zero) and an arbitrary password.

  • CVE-2005-2136Jul 5, 2005
    risk 0.00cvss epss 0.01

    Raritan Dominion SX (DSX) Console Servers DSX16, DSX32, DSX4, DSX8, and DSXA-48 set (1) world-readable permissions for /etc/shadow and (2) world-writable permissions for /bin/busybox, which allows local users to obtain hashed passwords or execute arbitrary code as other users.