Eaton Intelligent Power Manager 1.6 - Directory Traversal

Eaton Intelligent Power Manager v1.6 allows an attacker to include a file via directory traversal, which can lead to sensitive information disclosure, denial of service and code execution. id: CVE-2018-12031 info: name: Eaton Intelligent Power Manager 1.6 - Directory Traversal author: daffainfo...

EUVD-2021-10381

Malware in sbrugna...

EUVD-2021-10379

Malware in sbrugna...

EUVD-2021-10382

Malware in sbrugna...

EUVD-2021-10375

Malware in sbrugna...

EUVD-2021-10373

Malware in sbrugna...

EUVD-2020-27798

Malware in sbrugna...

EUVD-2021-10371

Malware in sbrugna...

EUVD-2020-27799

Malware in sbrugna...

EUVD-2021-10376

Malware in sbrugna...

EUVD-2021-10374

Malware in sbrugna...

CVE-2021-23282

CVE-2021-23282 affects Eaton Intelligent Power Manager (IPM) versions prior to 1.70. The issue is a stored cross-site scripting vulnerability caused by insufficient validation of input from certain resources in the IPM software. Exploitation requires access to the local subnet and administrator i...

VulnCheck KEV: CVE-2018-12031

Local file inclusion in Eaton Intelligent Power Manager v1.6 allows an attacker to include a file via server/nodeupgradesrv.js directory traversal with the firmware parameter in a downloadFirmware action...

PT-2022-3426 · Eaton · Eaton Intelligent Power Manager

Name of the Vulnerable Software and Affected Versions: Eaton Intelligent Power Manager IPM versions prior to 1.70 Description: The issue exists due to insufficient validation of input from certain resources by the IPM software, leading to stored Cross site scripting. An attacker would need access...

CVE-2021-23286

CVE-2021-23286 affects Eaton’s IPM Infrastructure (IPM Infrastructure), across all versions up to 1.5.0plus205. The connected ICS/IR sources confirm a vulnerability in CSV formula handling (CSV Formula Injection) due to improper sanitization of imported CSV files. Exploitation requires access to ...

CVE-2021-23284

The CVE-2021-23284 entry affects Eaton Intelligent Power Manager Infrastructure (IPM Infrastructure): all versions up to 1.5.0plus205 are vulnerable to a Stored Cross-Site Scripting (XSS) vulnerability caused by improper neutralization of input during web page generation. Connected sources (ICS A...

Eaton Intelligent Power Manager 跨站脚本漏洞

Eaton Intelligent Power Manager IPM is an intelligent power manager from Eaton Corporation that supports remote monitoring and management of multiple devices in a network from an interface. A security vulnerability exists in Eaton Intelligent Power Manager Infrastructure IPM Infrastructure versio...

Eaton Intelligent Power Manager 跨站脚本漏洞

Eaton Intelligent Power Manager IPM is an intelligent power manager from Eaton Corporation that supports remote monitoring and management of multiple devices in a network from an interface. A security vulnerability exists in Eaton Intelligent Power Manager Infrastructure IPM Infrastructure versio...

CVE-2021-23287

The vulnerability exists due to insufficient validation of input of certain resources within the IPM software. This issue affects: Intelligent Power Manager IPM 1 versions prior to 1.70...

CVE-2021-23287 Security issues in Intelligent Power Manager (IPM 1)

The vulnerability exists due to insufficient validation of input of certain resources within the IPM software. This issue affects: Intelligent Power Manager IPM 1 versions prior to 1.70...