Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
eaton intelligent power protector vulnerabilities and exploits
(subscribe to this query)
10
CVSSv3
CVE-2021-23277
Eaton Intelligent Power Manager (IPM) before 1.69 is vulnerable to unauthenticated eval injection vulnerability. The software does not neutralize code syntax from users before using in the dynamic evaluation call in loadUserFile function under scripts/libs/utils.js. Successful ex...
Eaton Intelligent Power Manager
Eaton Intelligent Power Manager Virtual Appliance
Eaton Intelligent Power Protector
10
CVSSv3
CVE-2021-23279
Eaton Intelligent Power Manager (IPM) before 1.69 is vulnerable to unauthenticated arbitrary file delete vulnerability induced due to improper input validation in meta_driver_srv.js class with saveDriverData action using invalidated driverID. An attacker can send specially crafte...
Eaton Intelligent Power Manager
Eaton Intelligent Power Manager Virtual Appliance
Eaton Intelligent Power Protector
9.9
CVSSv3
CVE-2021-23280
Eaton Intelligent Power Manager (IPM) before 1.69 is vulnerable to authenticated arbitrary file upload vulnerability. IPM’s maps_srv.js allows an malicious user to upload a malicious NodeJS file using uploadBackgroud action. An attacker can upload a malicious code or execut...
Eaton Intelligent Power Manager
Eaton Intelligent Power Manager Virtual Appliance
Eaton Intelligent Power Protector
9.6
CVSSv3
CVE-2021-23278
Eaton Intelligent Power Manager (IPM) before 1.69 is vulnerable to authenticated arbitrary file delete vulnerability induced due to improper input validation at server/maps_srv.js with action removeBackground and server/node_upgrade_srv.js with action removeFirmware. An attacker ...
Eaton Intelligent Power Manager
Eaton Intelligent Power Manager Virtual Appliance
Eaton Intelligent Power Protector
8.8
CVSSv3
CVE-2021-23276
Eaton Intelligent Power Manager (IPM) before 1.69 is vulnerable to authenticated SQL injection. A malicious user can send a specially crafted packet to exploit the vulnerability. Successful exploitation of this vulnerability can allow malicious users to add users in the data base...
Eaton Intelligent Power Manager
Eaton Intelligent Power Manager Virtual Appliance
Eaton Intelligent Power Protector
5.4
CVSSv3
CVE-2021-23283
Eaton Intelligent Power Protector (IPP) prior to version 1.69 is vulnerable to stored Cross Site Scripting. The vulnerability exists due to insufficient validation of user input and improper encoding of the output for certain resources within the IPP software.
Eaton Intelligent Power Protector
4.8
CVSSv3
CVE-2021-23288
The vulnerability exists due to insufficient validation of input from certain resources by the IPP software. The attacker would need access to the local Subnet and an administrator interaction to compromise the system. This issue affects: Intelligent Power Protector versions befo...
Eaton Intelligent Power Protector
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started