Raritan PowerIQ versions 4.1, 4.2, and 4.3 ship with a Rails 2 web interface with a hardcoded session secret. This can be used to achieve unauthenticated remote code execution as the nginx user on vulnerable systems.
681c8bb72ae6628420487909d37bf9e367efcdc762196f727263b8b5ca086eda