Sunbird DCIM dcTrack and Power IQ Authentication Bypass Vulnerability Allowing Unauthorized Access to Restricted Services

Vulnerability

A vulnerability exists in Sunbird DCIM dcTrack and Power IQ, both in versions through 9.2.0. This vulnerability allows an authenticated user with access to the appliance's virtual console to misuse certain remote access features. Exploitation could lead to unauthorized redirection of network traffic, potentially accessing restricted services or data on the host machine.

Impact

Exploitation of this vulnerability could allow an authenticated user to redirect network traffic and access restricted services or data on the host machine.

Remediation

Users are advised to update Sunbird DCIM dcTrack to version 9.2.3 and Power IQ to version 9.2.1. If an immediate update is not possible, Sunbird recommends restricting SSH or any non-essential port access in the IP Based Access Control, and changing passwords for SSH-based user accounts at the time of deployment.
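As an added example (not Sunbird's code and not part of the original advisory), the version ranges above can be applied to an asset inventory to decide which appliances need the update. The inventory format, the hostnames, and the "unconfirmed" label for releases that fall between the last version named as affected and the first named as fixed are assumptions.

```python
import re

# Version bounds as stated in the advisory text.
ADVISORY = {
    "dctrack": {"affected_through": (9, 2, 0), "fixed_in": (9, 2, 3)},
    "power iq": {"affected_through": (9, 2, 0), "fixed_in": (9, 2, 1)},
}

# Constructed sample inventory (host,product,version); hostnames are made up.
SAMPLE_INVENTORY = """\
dcim-01.example.internal,dcTrack,9.2.0
dcim-02.example.internal,dcTrack,9.2.2
dcim-03.example.internal,dcTrack,9.2.3
piq-01.example.internal,Power IQ,9.1.1
piq-02.example.internal,Power IQ,9.2.1
"""

def parse_version(text):
    """Turn '9.2.0' or 'v9.2.0-12' into a tuple padded to three parts."""
    m = re.match(r"v?(\d+(?:\.\d+)*)", text.strip())
    if not m:
        raise ValueError(f"unparseable version: {text!r}")
    parts = tuple(int(p) for p in m.group(1).split("."))
    return parts + (0,) * (3 - len(parts))

def classify(product, version):
    """Return 'affected', 'fixed', 'unconfirmed' or 'unknown-product'."""
    entry = ADVISORY.get(product.strip().lower())
    if entry is None:
        return "unknown-product"
    v = parse_version(version)
    if v <= entry["affected_through"]:
        return "affected"
    if v >= entry["fixed_in"]:
        return "fixed"
    # Assumption: releases between the two bounds are not covered by the
    # advisory, so flag them for upgrade rather than calling them safe.
    return "unconfirmed"

def triage(inventory_text):
    """Classify each 'host,product,version' line of the inventory."""
    rows = [l.split(",") for l in inventory_text.splitlines() if l.strip()]
    return [(h.strip(), p.strip(), v.strip(), classify(p, v)) for h, p, v in rows]

if __name__ == "__main__":
    for host, product, version, status in triage(SAMPLE_INVENTORY):
        print(f"{host:26} {product:9} {version:7} {status}")
```

Hosts reported as "affected" or "unconfirmed" that cannot be updated immediately are the ones to cover with the interim measures above: restricted SSH and non-essential port access in the IP Based Access Control, and changed passwords for SSH-based accounts.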

Added: Dec 4, 2025, 10:19 PM
Updated: Dec 4, 2025, 10:19 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 3.3
exploitability: 4.4
remediation: 0.0
relevance: 1.3
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.