Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
eaton intelligent power manager virtual appliance vulnerabilities and exploits
(subscribe to this query)
10
CVSSv3
CVE-2021-23277
Eaton Intelligent Power Manager (IPM) before 1.69 is vulnerable to unauthenticated eval injection vulnerability. The software does not neutralize code syntax from users before using in the dynamic evaluation call in loadUserFile function under scripts/libs/utils.js. Successful ex...
Eaton Intelligent Power Manager
Eaton Intelligent Power Manager Virtual Appliance
Eaton Intelligent Power Protector
10
CVSSv3
CVE-2021-23279
Eaton Intelligent Power Manager (IPM) before 1.69 is vulnerable to unauthenticated arbitrary file delete vulnerability induced due to improper input validation in meta_driver_srv.js class with saveDriverData action using invalidated driverID. An attacker can send specially crafte...
Eaton Intelligent Power Manager
Eaton Intelligent Power Manager Virtual Appliance
Eaton Intelligent Power Protector
9.9
CVSSv3
CVE-2021-23280
Eaton Intelligent Power Manager (IPM) before 1.69 is vulnerable to authenticated arbitrary file upload vulnerability. IPM’s maps_srv.js allows an malicious user to upload a malicious NodeJS file using uploadBackgroud action. An attacker can upload a malicious code or execut...
Eaton Intelligent Power Manager
Eaton Intelligent Power Manager Virtual Appliance
Eaton Intelligent Power Protector
9.6
CVSSv3
CVE-2021-23278
Eaton Intelligent Power Manager (IPM) before 1.69 is vulnerable to authenticated arbitrary file delete vulnerability induced due to improper input validation at server/maps_srv.js with action removeBackground and server/node_upgrade_srv.js with action removeFirmware. An attacker ...
Eaton Intelligent Power Manager
Eaton Intelligent Power Manager Virtual Appliance
Eaton Intelligent Power Protector
8.8
CVSSv3
CVE-2021-23276
Eaton Intelligent Power Manager (IPM) before 1.69 is vulnerable to authenticated SQL injection. A malicious user can send a specially crafted packet to exploit the vulnerability. Successful exploitation of this vulnerability can allow malicious users to add users in the data base...
Eaton Intelligent Power Manager
Eaton Intelligent Power Manager Virtual Appliance
Eaton Intelligent Power Protector
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started