Security Advisory

CVE-2023-3260

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-08-14 03:51:52

Last updated 2024-10-09 13:23:37

Assigner trellix

State PUBLISHED

Description

The Dataprobe iBoot PDU running firmware version 1.43.03312023 or earlier is vulnerable to command injection via the `user-name` URL parameter. An authenticated malicious agent can exploit this vulnerability to execute arbitrary command on the underlying Linux operating system.

← Browse all CVEs View on cve.org ↗