Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Intelligent Power Manager Security Vulnerabilities - CVSS Score 9 - 10

cve
cve

CVE-2018-12031

Local file inclusion in Eaton Intelligent Power Manager v1.6 allows an attacker to include a file via server/node_upgrade_srv.js directory traversal with the firmware parameter in a downloadFirmware action.

9.8CVSS

9.3AI Score

0.014EPSS

2018-06-07 04:29 PM
55
cve
cve

CVE-2021-23278

Eaton Intelligent Power Manager (IPM) prior to 1.69 is vulnerable to authenticated arbitrary file delete vulnerability induced due to improper input validation at server/maps_srv.js with action removeBackground and server/node_upgrade_srv.js with action removeFirmware. An attacker can send speciall...

9.6CVSS

9.1AI Score

0.001EPSS

2021-04-13 07:15 PM
41
4
cve
cve

CVE-2021-23280

Eaton Intelligent Power Manager (IPM) prior to 1.69 is vulnerable to authenticated arbitrary file upload vulnerability. IPM’s maps_srv.js allows an attacker to upload a malicious NodeJS file using uploadBackgroud action. An attacker can upload a malicious code or execute any command using a special...

9.9CVSS

9.5AI Score

0.001EPSS

2021-04-13 07:15 PM
33
4