Lucene search
K

14 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:27 p.m.8 views

CVE-2026-22615

Due to improper input validation in one of the Eaton Intelligent Power Protector IPP XML, it is possible for an attacker with admin privileges and access to the local system to inject malicious code resulting in arbitrary command execution. This security issue has been fixed in the latest version...

7.2CVSS5.6AI score0.00342EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:27 p.m.10 views

CVE-2026-22617

Eaton Intelligent Power Protector IPP uses an insecure cookie configuration, which could allow a network‑based attacker to intercept the cookie and exploit it through a man‑in‑the‑middle attack. This security issue has been fixed in the latest version of Eaton IPP software which is available on t...

7.4CVSS5.4AI score0.00169EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/16 5:26 a.m.3 views

CVE-2026-22619

Eaton Intelligent Power Protector IPP is affected by insecure library loading in its executable, which could lead to arbitrary code execution by an attacker with access to the software package. This security issue has been fixed in the latest version of Eaton IPP software which is available on th...

7.8CVSS6.3AI score0.00324EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/04/16 5:11 a.m.3 views

CVE-2026-22618

A security misconfiguration was identified in Eaton Intelligent Power Protector IPP, where an HTTP response header was set with an insecure attribute, potentially exposing users to web‑based attacks. This security issue has been fixed in the latest version of Eaton IPP software which is available...

5.9CVSS5.7AI score0.00233EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/16 5:2 a.m.4 views

CVE-2026-22617

Eaton Intelligent Power Protector IPP uses an insecure cookie configuration, which could allow a network‑based attacker to intercept the cookie and exploit it through a man‑in‑the‑middle attack. This security issue has been fixed in the latest version of Eaton IPP software which is available on t...

5.7CVSS5.7AI score0.00169EPSS
Exploits0References1
CVE
CVE
added 2026/04/16 4:54 a.m.20 views

CVE-2026-22616

Affected software: Eaton Intelligent Power Protector (IPP). The vulnerability is an authentication rate-limiting issue on the IPP web interface login page, allowing repeated login attempts due to insufficient rate limiting. Root cause is insufficient controls on login attempts. Impact is describe...

7.5CVSS5.7AI score0.00319EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/04/16 4:45 a.m.29 views

CVE-2026-22615

Due to improper input validation in one of the Eaton Intelligent Power Protector IPP XML, it is possible for an attacker with admin privileges and access to the local system to inject malicious code resulting in arbitrary command execution. This security issue has been fixed in the latest version...

6CVSS0.00342EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/16 12:0 a.m.8 views

PT-2026-33256

Due to improper input validation in one of the Eaton Intelligent Power Protector IPP XML, it is possible for an attacker with admin privileges and access to the local system to inject malicious code resulting in arbitrary command execution. This security issue has been fixed in the latest version...

6CVSS5.9AI score0.00342EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/10/14 5:11 a.m.3 views

CVE-2025-59889

Improper authentication of library files in the Eaton IPP software installer could lead to arbitrary code execution of an attacker with the access to the software package. This security issue has been fixed in the latest version of IPP which is available on the Eaton download center...

8.6CVSS7.4AI score0.00169EPSS
Exploits0References1
ICS
ICS
added 2022/05/10 12:0 a.m.61 views

Eaton Intelligent Power Protector

1. EXECUTIVE SUMMARY CVSS v3 5.2 ATTENTION: Exploitable remotely/low attack complexity Vendor: Eaton Equipment: Intelligent Power Protector IPP Vulnerability: Cross-site Scripting 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code...

5.4CVSS6.1AI score0.00495EPSS
Exploits0References5
NVD
NVD
added 2022/04/19 9:15 p.m.17 views

CVE-2021-23283

Eaton Intelligent Power Protector IPP prior to version 1.69 is vulnerable to stored Cross Site Scripting. The vulnerability exists due to insufficient validation of user input and improper encoding of the output for certain resources within the IPP software...

5.4CVSS0.00495EPSS
Exploits0References1
OSV
OSV
added 2022/04/19 9:15 p.m.3 views

CVE-2021-23283

Eaton Intelligent Power Protector IPP prior to version 1.69 is vulnerable to stored Cross Site Scripting. The vulnerability exists due to insufficient validation of user input and improper encoding of the output for certain resources within the IPP software...

5.4CVSS5.8AI score0.00495EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/04/19 8:26 p.m.27 views

CVE-2021-23283 Security issues in Eaton Intelligent Power Protector (IPP)

Eaton Intelligent Power Protector IPP prior to version 1.69 is vulnerable to stored Cross Site Scripting. The vulnerability exists due to insufficient validation of user input and improper encoding of the output for certain resources within the IPP software...

5.2CVSS5.7AI score0.00495EPSS
Exploits0References1
CVE
CVE
added 2022/04/19 8:26 p.m.71 views

CVE-2021-23283

Eaton IPP (Intelligent Power Protector) is affected by CVE-2021-23283: all versions prior to 1.69 have a stored XSS flaw due to insufficient input validation and improper output encoding in certain resources. Impact described as cross-site scripting with potential for injection via untrusted data...

5.4CVSS5.3AI score0.00495EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder