Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
eaton vulnerabilities and exploits
(subscribe to this query)
6
CVSSv2
CVE-2016-4509
Heap-based buffer overflow in elcsoft.exe in Eaton ELCSoft 2.4.01 and previous versions allows remote authenticated users to execute arbitrary code via a crafted file.
Eaton Elcsoft
3.5
CVSSv2
CVE-2020-7915
An issue exists on Eaton 5P 850 devices. The Ubicacion SAI field allows XSS attacks by an administrator.
Eaton 5p 850 Firmware -
5.8
CVSSv2
CVE-2020-6650
UPS companion software v1.05 & Prior is affected by ‘Eval Injection’ vulnerability. The software does not neutralize or incorrectly neutralizes code syntax before using the input in a dynamic evaluation call e.g.”eval” in “Update Manager” c...
Eaton Ups Companion
1 Github repository
3.5
CVSSv2
CVE-2021-23283
Eaton Intelligent Power Protector (IPP) prior to version 1.69 is vulnerable to stored Cross Site Scripting. The vulnerability exists due to insufficient validation of user input and improper encoding of the output for certain resources within the IPP software.
Eaton Intelligent Power Protector
6
CVSSv2
CVE-2020-6651
Improper Input Validation in Eaton's Intelligent Power Manager (IPM) v 1.67 & prior on file name during configuration file import functionality allows malicious users to perform command injection or code execution via specially crafted file names while uploading the conf...
Eaton Intelligent Power Manager
4.6
CVSSv2
CVE-2020-6652
Incorrect Privilege Assignment vulnerability in Eaton's Intelligent Power Manager (IPM) v1.67 & prior allow non-admin users to upload the system configuration files by sending specially crafted requests. This can result in non-admin users manipulating the system configur...
Eaton Intelligent Power Manager
3.5
CVSSv2
CVE-2021-23285
Eaton Intelligent Power Manager Infrastructure (IPM Infrastructure) version 1.5.0plus205 and all prior versions are vulnerable to reflected Cross-site Scripting vulnerability. This issue affects: Eaton Intelligent Power Manager Infrastructure (IPM Infrastructure) all version 1.5....
Eaton Intelligent Power Manager
7.9
CVSSv2
CVE-2021-23286
Eaton Intelligent Power Manager Infrastructure (IPM Infrastructure) version 1.5.0plus205 and all prior versions are vulnerable to CSV Formula Injection. This issue affects: Eaton Intelligent Power Manager Infrastructure (IPM Infrastructure) all version 1.5.0plus205 and prior vers...
Eaton Intelligent Power Manager
3.5
CVSSv2
CVE-2021-23287
The vulnerability exists due to insufficient validation of input of certain resources within the IPM software. This issue affects: Intelligent Power Manager (IPM 1) versions before 1.70.
Eaton Intelligent Power Manager
2.3
CVSSv2
CVE-2021-23288
The vulnerability exists due to insufficient validation of input from certain resources by the IPP software. The attacker would need access to the local Subnet and an administrator interaction to compromise the system. This issue affects: Intelligent Power Protector versions befo...
Eaton Intelligent Power Protector
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693
CVE-2024-30851
CVE-2024-34460
CVE-2024-2887
local
CVE-2024-27956
remote code execution
CVE-2024-34475
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »