4 matches found
Eaton Intelligent Power Manager 1.6 - Directory Traversal
Exploit Title: Eaton Intelligent Power Manager 1.6 - Directory Traversal Date: 2018-09-29 Exploit Author: Emre ÖVÜNÇ Vendor Homepage: https://powerquality.eaton.com/ Software Link: https://powerquality.eaton.com/Support/Software-Drivers/default.asp?cx=-999 Version: v1.6 Tested on: Windows...
Eaton Power Management Software Vulnerability - Lenovo Support US
No description provided...
CVE-2018-12031
Local file inclusion in Eaton Intelligent Power Manager v1.6 allows an attacker to include a file via server/nodeupgradesrv.js directory traversal with the firmware parameter in a downloadFirmware action...
CVE-2018-12031
CVE-2018-12031 affects Eaton Intelligent Power Manager v1.6 with a Local File Inclusion through directory traversal in the downloadFirmware action (server/node_upgrade_srv.js). The root cause is improper handling of the firmware parameter, enabling an attacker to traverse directories and potentia...