282 matches found
Eaton Intelligent Power Manager 跨站脚本漏洞
Eaton Intelligent Power Manager IPM is an intelligent power manager from Eaton Corporation that supports remote monitoring and management of multiple devices in a network from an interface. A security vulnerability exists in Eaton Intelligent Power Manager Infrastructure IPM Infrastructure versio...
Eaton Intelligent Power Manager 安全漏洞
Eaton Intelligent Power Manager IPM is an intelligent power manager from Eaton Corporation that supports remote monitoring and management of multiple devices in a network from an interface. A security vulnerability exists in Eaton Intelligent Power Manager Infrastructure IPM Infrastructure versio...
Eaton Intelligent Power Manager 跨站脚本漏洞
Eaton Intelligent Power Manager IPM is an intelligent power manager from Eaton Corporation that supports remote monitoring and management of multiple devices in a network from an interface. A security vulnerability exists in Eaton Intelligent Power Manager Infrastructure IPM Infrastructure versio...
CVE-2021-23287
The vulnerability exists due to insufficient validation of input of certain resources within the IPM software. This issue affects: Intelligent Power Manager IPM 1 versions prior to 1.70...
CVE-2021-23287 Security issues in Intelligent Power Manager (IPM 1)
The vulnerability exists due to insufficient validation of input of certain resources within the IPM software. This issue affects: Intelligent Power Manager IPM 1 versions prior to 1.70...
Eaton Intelligent Power Manager 跨站脚本漏洞
Eaton Intelligent Power Manager IPM is an intelligent power manager from Eaton Corporation that supports remote monitoring and management of multiple devices in a network from an interface. A security vulnerability exists in Intelligent Power Manager IPM 1 versions prior to 1.70 that stems from...
Eaton Intelligent Power Manager (IPM) < 1.69 Multiple Vulnerabilities (ETN-VA-2021-1000)
The version of Eaton Intelligent Power Manager installed on the remote Windows host is prior to 1.69. It is, therefore, affected multiple vulnerabilities: - Eaton Intelligent Power Manager IPM prior to 1.69 is vulnerable to unauthenticated arbitrary file delete vulnerability induced due to improp...
Eaton Intelligent Power Manager Eval Injection Vulnerability
Eaton Intelligent Power Manager IPM is an intelligent power manager from Eaton Corporation that supports remote monitoring and management of multiple devices in a network from an interface. An Eval injection vulnerability exists in Eaton IPM versions prior to 1.69. The vulnerability arises becaus...
Eaton Intelligent Power Manager
1. EXECUTIVE SUMMARY CVSS v3 8.7 ATTENTION: Exploitable remotely/low attack complexity Vendor: Eaton Equipment: Intelligent Power Manager IPM Vulnerabilities: SQL Injection, Eval Injection, Improper Input Validation, Unrestricted Upload of File with Dangerous Type, Code Injection 2. RISK...
Eaton Intelligent Power Manager SQL Injection Vulnerability
Eaton Intelligent Power Manager IPM is an intelligent power manager from Eaton Corporation that supports remote monitoring and management of multiple devices in a network from an interface. An SQL injection vulnerability exists in Eaton Intelligent Power Manager versions prior to 1.69, which is...
Eaton Intelligent Power Manager Arbitrary File Upload Vulnerability
Eaton Intelligent Power Manager IPM is an intelligent power manager from Eaton Corporation that supports remote monitoring and management of multiple devices in a network from an interface. An arbitrary file upload vulnerability exists in Eaton Intelligent Power Manager IPM versions prior to 1.69...
Eaton Intelligent Power Manager Arbitrary File Deletion Vulnerability
Eaton Intelligent Power Manager IPM is an intelligent power manager from Eaton Corporation that supports remote monitoring and management of multiple devices in a network from an interface. An arbitrary file deletion vulnerability exists in Eaton Intelligent Power Manager versions prior to 1.69,...
Eaton Intelligent Power Manager Remote Code Execution Vulnerability
Eaton Intelligent Power Manager IPM is an intelligent power manager from Eaton Corporation that supports remote monitoring and management of multiple devices in a network from an interface. A remote code execution vulnerability exists in Eaton Intelligent Power Manager versions prior to 1.69, whi...
Eaton Intelligent Power Manager Arbitrary File Deletion Vulnerability (CNVD-2021-31672)
Eaton Intelligent Power Manager IPM is an intelligent power manager from Eaton Corporation that supports remote monitoring and management of multiple devices in a network from an interface. An arbitrary file deletion vulnerability exists in Eaton Intelligent Power Manager versions prior to 1.69,...
CVE-2021-23281
Eaton Intelligent Power Manager IPM prior to 1.69 is vulnerable to unauthenticated remote code execution vulnerability. IPM software does not sanitize the date provided via coverterCheckList action in metadriversrv.js class. Attackers can send a specially crafted packet to make IPM connect to rou...
CVE-2021-23280
Eaton Intelligent Power Manager IPM prior to 1.69 is vulnerable to authenticated arbitrary file upload vulnerability. IPM’s mapssrv.js allows an attacker to upload a malicious NodeJS file using uploadBackgroud action. An attacker can upload a malicious code or execute any command using a speciall...
CVE-2021-23276
Eaton Intelligent Power Manager IPM prior to 1.69 is vulnerable to authenticated SQL injection. A malicious user can send a specially crafted packet to exploit the vulnerability. Successful exploitation of this vulnerability can allow attackers to add users in the data base...
CVE-2021-23277
Eaton Intelligent Power Manager IPM prior to 1.69 is vulnerable to unauthenticated eval injection vulnerability. The software does not neutralize code syntax from users before using in the dynamic evaluation call in loadUserFile function under scripts/libs/utils.js. Successful exploitation can...
CVE-2021-0439
In setPowerModeWithHandle of comandroidserverpowerPowerManagerService.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Produc...
Remote code execution
Eaton Intelligent Power Manager IPM prior to 1.69 is vulnerable to unauthenticated remote code execution vulnerability. IPM software does not sanitize the date provided via coverterCheckList action in metadriversrv.js class. Attackers can send a specially crafted packet to make IPM connect to rou...