Login Sign Up

CVE-2023-3261

7.5 HIGH
Denial of Service Buffer Overflow

📋 TL;DR

A buffer overflow vulnerability in Dataprobe iBoot PDU firmware allows attackers to cause denial of service or disrupt login functionality via the web server. This affects organizations using Dataprobe iBoot PDU devices with firmware version 1.43.03312023 or earlier.

💻 Affected Systems

Products:
  • Dataprobe iBoot PDU
Versions: Firmware version 1.43.03312023 and earlier
Operating Systems: Embedded firmware
Default Config Vulnerable: ⚠️ Yes
Notes: All devices running affected firmware versions are vulnerable regardless of configuration.

📦 What is this software?

Iboot Pdu4 C20 Firmware by Dataprobe

View all CVEs affecting Iboot Pdu4 C20 Firmware →

Iboot Pdu4 N20 Firmware by Dataprobe

View all CVEs affecting Iboot Pdu4 N20 Firmware →

Iboot Pdu4a C10 Firmware by Dataprobe

View all CVEs affecting Iboot Pdu4a C10 Firmware →

Iboot Pdu4a C20 Firmware by Dataprobe

View all CVEs affecting Iboot Pdu4a C20 Firmware →

Iboot Pdu4a N15 Firmware by Dataprobe

View all CVEs affecting Iboot Pdu4a N15 Firmware →

Iboot Pdu4a N20 Firmware by Dataprobe

View all CVEs affecting Iboot Pdu4a N20 Firmware →

Iboot Pdu4sa C10 Firmware by Dataprobe

View all CVEs affecting Iboot Pdu4sa C10 Firmware →

Iboot Pdu4sa C20 Firmware by Dataprobe

View all CVEs affecting Iboot Pdu4sa C20 Firmware →

Iboot Pdu4sa N15 Firmware by Dataprobe

View all CVEs affecting Iboot Pdu4sa N15 Firmware →

Iboot Pdu4sa N20 Firmware by Dataprobe

View all CVEs affecting Iboot Pdu4sa N20 Firmware →

Iboot Pdu8a 2c10 Firmware by Dataprobe

View all CVEs affecting Iboot Pdu8a 2c10 Firmware →

Iboot Pdu8a 2c20 Firmware by Dataprobe

View all CVEs affecting Iboot Pdu8a 2c20 Firmware →

Iboot Pdu8a 2n15 Firmware by Dataprobe

View all CVEs affecting Iboot Pdu8a 2n15 Firmware →

Iboot Pdu8a 2n20 Firmware by Dataprobe

View all CVEs affecting Iboot Pdu8a 2n20 Firmware →

Iboot Pdu8a C10 Firmware by Dataprobe

View all CVEs affecting Iboot Pdu8a C10 Firmware →

Iboot Pdu8a C20 Firmware by Dataprobe

View all CVEs affecting Iboot Pdu8a C20 Firmware →

Iboot Pdu8a N15 Firmware by Dataprobe

View all CVEs affecting Iboot Pdu8a N15 Firmware →

Iboot Pdu8a N20 Firmware by Dataprobe

View all CVEs affecting Iboot Pdu8a N20 Firmware →

Iboot Pdu8sa 2n15 Firmware by Dataprobe

View all CVEs affecting Iboot Pdu8sa 2n15 Firmware →

Iboot Pdu8sa C10 Firmware by Dataprobe

View all CVEs affecting Iboot Pdu8sa C10 Firmware →

Iboot Pdu8sa N15 Firmware by Dataprobe

View all CVEs affecting Iboot Pdu8sa N15 Firmware →

Iboot Pdu8sa N20 Firmware by Dataprobe

View all CVEs affecting Iboot Pdu8sa N20 Firmware →

Powerpanel Server by Cyberpower

View all CVEs affecting Powerpanel Server →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete device unavailability preventing power management of connected equipment, potentially causing cascading failures in data center operations.

🟠

Likely Case

Temporary denial of service affecting web interface login and device management capabilities.

🟢

If Mitigated

Limited impact with proper network segmentation and access controls preventing exploitation attempts.

🌐 Internet-Facing: HIGH - Web interface is typically exposed for remote management, making devices directly accessible to attackers.
🏢 Internal Only: MEDIUM - Internal attackers or compromised internal systems could exploit the vulnerability.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: MEDIUM

Buffer overflow in librta.so.0.0.0 library affects web server functionality. No authentication required for exploitation.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Firmware version newer than 1.43.03312023

Vendor Advisory: https://www.dataprobe.com/support/iboot-pdu/

Restart Required: Yes

Instructions:

1. Download latest firmware from Dataprobe support portal. 2. Backup current configuration. 3. Upload firmware via web interface. 4. Apply update and restart device. 5. Verify firmware version after reboot.

🔧 Temporary Workarounds

Network Segmentation

all

Restrict access to iBoot PDU web interface using firewall rules

Access Control

all

Implement strict IP whitelisting for management interface access

🧯 If You Can't Patch

  • Isolate iBoot PDU devices on separate VLAN with strict access controls
  • Disable web interface if not required and use alternative management methods

🔍 How to Verify

Check if Vulnerable:

Check firmware version via web interface: System > About. If version is 1.43.03312023 or earlier, device is vulnerable.

Check Version:

No CLI command - check via web interface at System > About page

Verify Fix Applied:

Verify firmware version is newer than 1.43.03312023 and test web interface functionality.

📡 Detection & Monitoring

Log Indicators:

  • Multiple failed login attempts
  • Web server crash logs
  • Unusual traffic patterns to /login or web interface

Network Indicators:

  • Unusual HTTP requests to iBoot PDU web interface
  • Traffic spikes to port 80/443 on PDU devices

SIEM Query:

source="iboot-pdu" AND (event="crash" OR event="buffer_overflow" OR status=500)

📊 Metadata

CVE ID: CVE-2023-3261
CVSS v3 Score: 7.5 (HIGH)
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CWE: CWE-119
Published: August 14, 2023
Last Updated: November 21, 2024

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2023-3261, you might also want to check these:

CVE-2024-23613 10.0

A critical buffer overflow vulnerability in Symantec Deployment Solution 7.9 allows remote, unauthen...

Same vulnerability type (CWE-119)
CVE-2024-23615 10.0

A critical buffer overflow vulnerability in Symantec Messaging Gateway allows remote unauthenticated...

Same vulnerability type (CWE-119)
CVE-2026-2776 10.0

This CVE describes a sandbox escape vulnerability in Firefox's Telemetry component due to incorrect ...

Same vulnerability type (CWE-119)