CRITICAL · 9.8

CVE-2022-33175

Power Distribution Units running on Powertek firmware (multiple brands) before 3.30.30 have an insecure permissions setting on the user.token field that is accessible to everyone through the /cgi/get_...

Vulnerability Description

Power Distribution Units running on Powertek firmware (multiple brands) before 3.30.30 have an insecure permissions setting on the user.token field that is accessible to everyone through the /cgi/get_param.cgi HTTP API. This leads to disclosing active session ids of currently logged-in administrators. The session id can then be reused to act as the administrator, allowing reading of the cleartext password, or reconfiguring the device.
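The flaw is a missing per-field permission check on a parameter-read endpoint. As an added illustration, not the Powertek firmware's code, here is a constructed Python model of a get_param-style handler: the first version returns any requested field to any caller, which is what the description above says /cgi/get_param.cgi did for user.token; the second applies a default-deny field ACL and never serializes session identifiers or passwords. Only the field name user.token comes from the advisory; the other field names, the device state and the role model are assumptions.

```python
# Constructed model of a get_param-style HTTP API handler (not Powertek's code).
# Only "user.token" comes from the advisory; every other field name is assumed.
DEVICE_STATE = {
    "sys.hostname": "pdu-rack1",             # constructed sample values
    "user.name": "admin",
    "user.token": "SESSION-ID-PLACEHOLDER",  # active administrator session id
    "user.password": "PASSWORD-PLACEHOLDER",
}

# Minimum role needed to read each field; any field not listed is denied.
FIELD_ACL = {
    "sys.hostname": "anyone",
    "user.name": "admin",
}
# Credentials and session identifiers are never returned, whatever the role.
NEVER_EXPOSE = {"user.token", "user.password"}
ROLE_RANK = {"anyone": 0, "user": 1, "admin": 2}


def get_param_vulnerable(fields, session):
    """The flawed behaviour: every stored field is readable by any caller,
    authenticated or not, including the administrator's session id."""
    return {f: DEVICE_STATE[f] for f in fields if f in DEVICE_STATE}


def get_param_hardened(fields, session):
    """Default-deny variant. `session` is None for an unauthenticated caller
    or a dict such as {"role": "admin"}. Returns (values, denied_fields)."""
    caller_role = session.get("role", "anyone") if session else "anyone"
    caller_rank = ROLE_RANK.get(caller_role, 0)   # unknown role -> lowest rank
    values, denied = {}, []
    for f in fields:
        required = FIELD_ACL.get(f)               # unknown field -> None -> denied
        if (f in NEVER_EXPOSE or required is None
                or f not in DEVICE_STATE
                or caller_rank < ROLE_RANK[required]):
            denied.append(f)
            continue
        values[f] = DEVICE_STATE[f]
    return values, denied


if __name__ == "__main__":
    print(get_param_vulnerable(["user.token"], None))          # leaks the session id
    print(get_param_hardened(["user.token", "sys.hostname"], None))
```

The hardened handler denies user.token even to an authenticated administrator: a session identifier is something the server checks, never something it hands back.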

CVSS Score

9.8

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED
Confidentiality: HIGH
Integrity: HIGH
Availability: HIGH

Affected Products

Vendor        Product              Versions
Powertekpdus  Basic Pdu Firmware   < 3.30.30
Powertekpdus  Basic Pdu            -
Powertekpdus  Pm Pdu Firmware      < 3.30.30
Powertekpdus  Pm Pdu               -
Powertekpdus  Piml Pdu Firmware    < 3.30.30
Powertekpdus  Piml Pdu             -
Powertekpdus  Smart Pim Firmware   < 3.30.30
Powertekpdus  Smart Pim            -
Powertekpdus  Smart Pos Firmware   < 3.30.30
Powertekpdus  Smart Pos            -
Powertekpdus  Smart Pom Firmware   < 3.30.30
Powertekpdus  Smart Pom            -
Powertekpdus  Smart Poms Firmware  < 3.30.30
Powertekpdus  Smart Poms           -

Related Weaknesses (CWE)

References

FAQ

What is CVE-2022-33175?

CVE-2022-33175 is a vulnerability with a CVSS score of 9.8 (CRITICAL). Power Distribution Units running on Powertek firmware (multiple brands) before 3.30.30 have an insecure permissions setting on the user.token field that is accessible to everyone through the /cgi/get_...

How severe is CVE-2022-33175?

CVE-2022-33175 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.

Is there a patch for CVE-2022-33175?

Check the references section above for vendor advisories and patch information. Affected products include: Powertekpdus Basic Pdu Firmware, Powertekpdus Basic Pdu, Powertekpdus Pm Pdu Firmware, Powertekpdus Pm Pdu, Powertekpdus Piml Pdu Firmware.