CVE-2022-33174

CRITICAL NUCLEI

Powertek firmware <3.30.30 - Auth Bypass

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2022-33174. PoCs published by Henry4E36. A Nuclei detection template is also available.

AI-analyzed exploit summary This repository contains a functional Python script that exploits CVE-2022-33174, an authentication bypass vulnerability in Powertek PDU devices. The exploit retrieves sensitive credentials by accessing a specific CGI endpoint without authentication.

Description

Power Distribution Units running on Powertek firmware (multiple brands) before 3.30.30 allows remote authorization bypass in the web interface. To exploit the vulnerability, an attacker must send an HTTP packet to the data retrieval interface (/cgi/get_param.cgi) with the tmpToken cookie set to an empty string followed by a semicolon. This bypasses an active session authorization check. This can be then used to fetch the values of protected sys.passwd and sys.su.name fields that contain the username and password in cleartext.

Exploits (1)

nomisec WORKING POC 4 stars

by Henry4E36 · poc

https://github.com/Henry4E36/CVE-2022-33174

View Code ZIP pw:eip

This repository contains a functional Python script that exploits CVE-2022-33174, an authentication bypass vulnerability in Powertek PDU devices. The exploit retrieves sensitive credentials by accessing a specific CGI endpoint without authentication.

Classification

Working Poc 95%

Attack Type

Auth Bypass

Complexity

Trivial

Reliability

Reliable

Target: Powertek PDU

No auth needed

Prerequisites: Network access to the target device

MITRE ATT&CK

T1110 - Brute Force T1552 - Unsecured Credentials

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Nuclei Templates (1)

Powertek Firmware <3.30.30 - Authorization Bypass

HIGHVERIFIEDby pikpikcu

Shodan: http.html:"Powertek" || http.html:"powertek"

FOFA: body="powertek"

References (1)

Core 1

Core References

Exploit, Third Party Advisory x_refsource_misc

https://gynvael.coldwind.pl/?lang=en&id=748

Scores

CVSS v3 9.8

EPSS 0.7203

EPSS Percentile 98.8%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-863

Status published

Products (7)

powertekpdus/basic_pdu_firmware < 3.30.30

powertekpdus/piml_pdu_firmware < 3.30.30

powertekpdus/pm_pdu_firmware < 3.30.30

powertekpdus/smart_pim_firmware < 3.30.30

powertekpdus/smart_pom_firmware < 3.30.30

powertekpdus/smart_poms_firmware < 3.30.30

powertekpdus/smart_pos_firmware < 3.30.30

Published Jun 13, 2022

Tracked Since Feb 18, 2026