9.4 High
AI Score
Confidence
High
0.03 Low
EPSS
Percentile
90.9%
Local file inclusion in Eaton Intelligent Power Manager v1.6 allows an attacker to include a file via server/node_upgrade_srv.js directory traversal with the firmware parameter in a downloadFirmware action.
github.com/EmreOvunc/Eaton-Intelligent-Power-Manager-Local-File-Inclusion