Skip to main content

Smart Pom Firmware

2 CVEs product

Monthly

CVE-2022-33175 CRITICAL POC Act Now

Power Distribution Units running on Powertek firmware (multiple brands) before 3.30.30 have an insecure permissions setting on the user.token field that is accessible to everyone through the. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Basic Pdu Firmware Pm Pdu Firmware Piml Pdu Firmware Smart Pim Firmware +3
NVD
CVSS 3.1
9.8
EPSS
1.7%
CVE-2022-33174 HIGH POC THREAT This Week

Power Distribution Units running on Powertek firmware (multiple brands) before 3.30.30 allows remote authorization bypass in the web interface. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Basic Pdu Firmware Pm Pdu Firmware Piml Pdu Firmware Smart Pim Firmware +3
NVD
CVSS 3.1
7.5
EPSS
13.4%
EPSS 2% CVSS 9.8
CRITICAL POC Act Now

Power Distribution Units running on Powertek firmware (multiple brands) before 3.30.30 have an insecure permissions setting on the user.token field that is accessible to everyone through the. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Basic Pdu Firmware Pm Pdu Firmware +5
NVD
EPSS 13% CVSS 7.5
HIGH POC THREAT This Week

Power Distribution Units running on Powertek firmware (multiple brands) before 3.30.30 allows remote authorization bypass in the web interface. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Basic Pdu Firmware Pm Pdu Firmware +5
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy