CVE-2021-23277

Eaton Intelligent Power Manager IPM prior to 1.69 is vulnerable to unauthenticated eval injection vulnerability. The software does not neutralize code syntax from users before using in the dynamic evaluation call in loadUserFile function under scripts/libs/utils.js. Successful exploitation can...

Design/Logic Flaw

Eaton Intelligent Power Manager IPM prior to 1.69 is vulnerable to unauthenticated eval injection vulnerability. The software does not neutralize code syntax from users before using in the dynamic evaluation call in loadUserFile function under scripts/libs/utils.js. Successful exploitation can...

PT-2021-15430 · Eaton · Eaton Intelligent Power Manager

Name of the Vulnerable Software and Affected Versions: Eaton Intelligent Power Manager IPM versions prior to 1.69 Description: The issue concerns an unauthenticated eval injection vulnerability. It arises because the software fails to neutralize code syntax from users before using it in the dynam...

Eaton Intelligent Power Manager 代码注入漏洞

Eaton Intelligent Power Manager IPM is an intelligent power manager from Eaton Corporation that supports remote monitoring and management of multiple devices in a network from an interface. An Eval injection vulnerability exists in Eaton IPM versions prior to 1.69. The vulnerability arises becaus...