Lucene search
+L

560 matches found

Positive Technologies
Positive Technologies
added 2025/12/26 12:0 a.m.6 views

PT-2025-53454

Name of the Vulnerable Software and Affected Versions Eaton UPS Companion software affected versions not specified Description The Eaton UPS Companion software contains a flaw related to insecure library loading. An attacker who has access to the software package could potentially execute arbitra...

7.8CVSS7.1AI score0.00134EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2025/12/26 12:0 a.m.5 views

PT-2025-53452

Name of the Vulnerable Software and Affected Versions Eaton UPS Companion software affected versions not specified Description A flaw exists in the Eaton UPS Companion software installer related to improper authentication of library files. This could allow an attacker who has access to the softwa...

8.6CVSS7.3AI score0.00266EPSS
Exploits0References12
Positive Technologies
Positive Technologies
added 2025/12/26 12:0 a.m.7 views

PT-2025-53453

Name of the Vulnerable Software and Affected Versions Eaton UPS Companion affected versions not specified Description A flaw exists in the Eaton UPS Companion software installer related to improper handling of quotation marks in search paths. This could allow an attacker with file system access t...

6.7CVSS6.8AI score0.00192EPSS
Exploits0References8
RedhatCVE
RedhatCVE
added 2025/12/24 11:37 a.m.5 views

CVE-2025-59886

Improper input validation at one of the endpoints of Eaton xComfort ECI's web interface, could lead into an attacker with network access to the device executing privileged user commands. As cybersecurity standards continue to evolve and to meet our requirements today, Eaton has decided to...

8.8CVSS6.8AI score0.00278EPSS
Exploits1References1
NVD
NVD
added 2025/12/23 12:15 p.m.5 views

CVE-2025-59886

Improper input validation at one of the endpoints of Eaton xComfort ECI's web interface, could lead into an attacker with network access to the device executing privileged user commands. As cybersecurity standards continue to evolve and to meet our requirements today, Eaton has decided to...

8.8CVSS0.00278EPSS
Exploits1References1
EUVD
EUVD
added 2025/12/23 11:31 a.m.3 views

EUVD-2025-204794

Improper input validation at one of the endpoints of Eaton xComfort ECI's web interface, could lead into an attacker with network access to the device executing privileged user commands. As cybersecurity standards continue to evolve and to meet our requirements today, Eaton has decided to...

8.8CVSS6.3AI score0.00278EPSS
Exploits1References2
Cvelist
Cvelist
added 2025/12/23 11:31 a.m.32 views

CVE-2025-59886

Improper input validation at one of the endpoints of Eaton xComfort ECI's web interface, could lead into an attacker with network access to the device executing privileged user commands. As cybersecurity standards continue to evolve and to meet our requirements today, Eaton has decided to...

8.8CVSS0.00278EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/12/23 11:31 a.m.3 views

CVE-2025-59886

Improper input validation at one of the endpoints of Eaton xComfort ECI's web interface, could lead into an attacker with network access to the device executing privileged user commands. As cybersecurity standards continue to evolve and to meet our requirements today, Eaton has decided to...

8.8CVSS6.4AI score0.00278EPSS
Exploits1References1
CVE
CVE
added 2025/12/23 11:31 a.m.15 views

CVE-2025-59886

The CVE-2025-59886 issue affects Eaton xComfort ECI, specifically improper input validation at a web interface endpoint. This could allow a network-adjacent attacker to execute privileged commands on the device. Multiple sources corroborate a high-severity impact (CVSS 3.1: Network access, Privil...

8.8CVSS6.4AI score0.00278EPSS
Exploits1References1Affected Software1
CNNVD
CNNVD
added 2025/12/23 12:0 a.m.9 views

Eaton xComfort ECI 安全漏洞

The Eaton xComfort ECI is an Ethernet communication interface device from Eaton Corporation USA. A security vulnerability exists in the Eaton xComfort ECI that stems from improper validation of web interface endpoint inputs, which could allow an attacker with network access rights to execute...

8.8CVSS6.8AI score0.00278EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2025/12/23 12:0 a.m.9 views

PT-2025-52737

Name of the Vulnerable Software and Affected Versions Eaton xComfort ECI affected versions not specified Description A flaw exists in the input validation process of a web interface endpoint within Eaton xComfort ECI. This could allow an attacker with network access to the device to execute...

8.8CVSS6.8AI score0.00278EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2025/12/01 2:16 p.m.6 views

CVE-2025-59890

Improper input sanitization in the file archives upload functionality of Eaton Galileo software allows traversing paths which could lead into an attacker with local access to execute unauthorized code or commands. This security issue has been fixed in the latest version of Galileo which is...

7.3CVSS7AI score0.0013EPSS
Exploits0References1
EUVD
EUVD
added 2025/11/27 12:30 p.m.6 views

EUVD-2025-199818

Improper input sanitization in the file archives upload functionality of Eaton Galileo software allows traversing paths which could lead into an attacker with local access to execute unauthorized code or commands. This security issue has been fixed in the latest version of Galileo which is...

7.3CVSS6.3AI score0.0013EPSS
Exploits0References2
NVD
NVD
added 2025/11/27 11:15 a.m.5 views

CVE-2025-59890

Improper input sanitization in the file archives upload functionality of Eaton Galileo software allows traversing paths which could lead into an attacker with local access to execute unauthorized code or commands. This security issue has been fixed in the latest version of Galileo which is...

7.3CVSS0.0013EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/11/27 10:48 a.m.3 views

CVE-2025-59890

Improper input sanitization in the file archives upload functionality of Eaton Galileo software allows traversing paths which could lead into an attacker with local access to execute unauthorized code or commands. This security issue has been fixed in the latest version of Galileo which is...

7.3CVSS6.5AI score0.0013EPSS
Exploits0References1
CVE
CVE
added 2025/11/27 10:48 a.m.12 views

CVE-2025-59890

Eaton Galileo software is affected by CVE-2025-59890 due to improper input sanitization in the file archives upload function, enabling local path traversal that could allow an attacker with local access to execute unauthorized code or commands. The issue is tied to the Galileo file-archiver handl...

7.3CVSS6.5AI score0.0013EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/11/27 12:0 a.m.5 views

Eaton Galileo 安全漏洞

Eaton Galileo is a specialized management software platform for equipment configuration, monitoring and system integration from Eaton Corporation USA. A security vulnerability exists in Eaton Galileo that stems from improper input cleanup for the file archive upload function, which could allow a...

7.3CVSS6.9AI score0.0013EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/11/27 12:0 a.m.5 views

PT-2025-48263

Improper input sanitization in the file archives upload functionality of Eaton Galileo software allows traversing paths which could lead into an attacker with local access to execute unauthorized code or commands. This security issue has been fixed in the latest version of Galileo which is...

7.3CVSS6.8AI score0.0013EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/11/04 9:8 a.m.6 views

CVE-2025-48397

The privileged user could log in without sufficient credentials after enabling an application protocol. This security issue has been fixed in the latest script patch latest version of of Eaton BLSS 7.3.0.SCP004...

7.1CVSS6.7AI score0.00202EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/11/04 9:8 a.m.8 views

CVE-2025-48396

Arbitrary code execution is possible due to improper validation of the file upload functionality in Eaton BLSS. This security issue has been fixed in the latest script patch latest version of of Eaton BLSS 7.3.0.SCP004...

8.3CVSS7.5AI score0.00329EPSS
Exploits0References1
Rows per page
Query Builder