Lucene search
K

6 matches found

Tenable Nessus
Tenable Nessus
added 2024/11/29 12:0 a.m.6 views

Eaton 9PX Cross-Site Request Forgery (CVE-2018-9281)

An issue was discovered on Eaton UPS 9PX 8000 SP devices. The administration panel is vulnerable to a CSRF attack on the change- password functionality. This vulnerability could be used to force a logged-in administrator to perform a silent password update. The affected forms are also vulnerable ...

8.8CVSS7.4AI score0.00435EPSS
Exploits0References3
CNVD
CNVD
added 2018/10/25 12:0 a.m.4 views

Eaton UPS 9PX 8000 SP Password Disclosure Vulnerability (CNVD-2019-22860)

The Eaton UPS 9PX 8000 SP is a power management device from Eaton USA. The Eaton UPS 9PX 8000 SP suffers from a password disclosure vulnerability that originates from a web page displayed by the device containing a clear-text password, which can be retrieved by an attacker by browsing the source...

4.9CVSS7AI score0.01043EPSS
Exploits0References1
NVD
NVD
added 2018/10/24 9:29 p.m.20 views

CVE-2018-9279

An issue was discovered on Eaton UPS 9PX 8000 SP devices. The appliance discloses the user's password. The web page displayed by the appliance contains the password in cleartext. Passwords could be retrieved by browsing the source code of the webpage...

4.9CVSS5.4AI score0.01043EPSS
Exploits0References1
Prion
Prion
added 2018/10/24 9:29 p.m.20 views

Design/Logic Flaw

An issue was discovered on Eaton UPS 9PX 8000 SP devices. The appliance discloses the user's password. The web page displayed by the appliance contains the password in cleartext. Passwords could be retrieved by browsing the source code of the webpage...

4CVSS5.4AI score0.01043EPSS
Exploits0References1
Prion
Prion
added 2018/10/24 9:29 p.m.21 views

Cross site scripting

An issue was discovered on Eaton UPS 9PX 8000 SP devices. The administration panel is vulnerable to a CSRF attack on the change-password functionality. This vulnerability could be used to force a logged-in administrator to perform a silent password update. The affected forms are also vulnerable t...

6.8CVSS8.1AI score0.00435EPSS
Exploits0References1
Cvelist
Cvelist
added 2018/10/24 9:0 p.m.23 views

CVE-2018-9281

An issue was discovered on Eaton UPS 9PX 8000 SP devices. The administration panel is vulnerable to a CSRF attack on the change-password functionality. This vulnerability could be used to force a logged-in administrator to perform a silent password update. The affected forms are also vulnerable t...

8.2AI score0.00435EPSS
Exploits0References1
Rows per page
Query Builder