CVE-2018-12031

2018-06-07T16:29:00
ID CVE-2018-12031
Type cve
Reporter cve@mitre.org
Modified 2018-07-27T14:49:00

Description

Local file inclusion in Eaton Intelligent Power Manager v1.6 allows an attacker to include a file via server/node_upgrade_srv.js directory traversal with the firmware parameter in a downloadFirmware action.