cvedb.io
CVE-2022-3189
MEDIUM · CVSS 5.3
EPSS exploitation probability: 0%
Published 2022-12-21T23:15:09.970 · Last modified 2026-06-17T04:59:02.037

Summary

Dataprobe iBoot-PDU FW versions prior to 1.42.06162022 contain a vulnerability where a specially crafted PHP script could use parameters from a HTTP request to create a URL capable of changing the host parameter. The changed host parameter in the HTTP could point to another host that will send a request to the host or IP specified in the changed host parameter.

Affected products

dataprobe — iboot-pdu4-n20_firmware

Does this affect you?

Add your gear to cvedb and we'll alert you only when dataprobe ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.