Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
eaton vulnerabilities and exploits
(subscribe to this query)
4.8
CVSSv3
CVE-2021-23288
The vulnerability exists due to insufficient validation of input from certain resources by the IPP software. The attacker would need access to the local Subnet and an administrator interaction to compromise the system. This issue affects: Intelligent Power Protector versions befo...
Eaton Intelligent Power Protector
5.4
CVSSv3
CVE-2021-23287
The vulnerability exists due to insufficient validation of input of certain resources within the IPM software. This issue affects: Intelligent Power Manager (IPM 1) versions before 1.70.
Eaton Intelligent Power Manager
9.9
CVSSv3
CVE-2021-23280
Eaton Intelligent Power Manager (IPM) before 1.69 is vulnerable to authenticated arbitrary file upload vulnerability. IPM’s maps_srv.js allows an malicious user to upload a malicious NodeJS file using uploadBackgroud action. An attacker can upload a malicious code or execut...
8.8
CVSSv3
CVE-2021-23276
Eaton Intelligent Power Manager (IPM) before 1.69 is vulnerable to authenticated SQL injection. A malicious user can send a specially crafted packet to exploit the vulnerability. Successful exploitation of this vulnerability can allow malicious users to add users in the data base...
10
CVSSv3
CVE-2021-23277
Eaton Intelligent Power Manager (IPM) before 1.69 is vulnerable to unauthenticated eval injection vulnerability. The software does not neutralize code syntax from users before using in the dynamic evaluation call in loadUserFile function under scripts/libs/utils.js. Successful ex...
Eaton Intelligent Power Manager
Eaton Intelligent Power Manager Virtual Appliance
Eaton Intelligent Power Protector
9.6
CVSSv3
CVE-2021-23278
Eaton Intelligent Power Manager (IPM) before 1.69 is vulnerable to authenticated arbitrary file delete vulnerability induced due to improper input validation at server/maps_srv.js with action removeBackground and server/node_upgrade_srv.js with action removeFirmware. An attacker ...
10
CVSSv3
CVE-2021-23279
Eaton Intelligent Power Manager (IPM) before 1.69 is vulnerable to unauthenticated arbitrary file delete vulnerability induced due to improper input validation in meta_driver_srv.js class with saveDriverData action using invalidated driverID. An attacker can send specially crafte...
10
CVSSv3
CVE-2021-23281
Eaton Intelligent Power Manager (IPM) before 1.69 is vulnerable to unauthenticated remote code execution vulnerability. IPM software does not sanitize the date provided via coverterCheckList action in meta_driver_srv.js class. Attackers can send a specially crafted packet to make...
7.8
CVSSv3
CVE-2020-6655
The Eaton's easySoft software v7.xx prior to v7.22 are susceptible to Out-of-bounds remote code execution vulnerability. A malicious entity can execute a malicious code or make the application crash by tricking user to upload the malformed .E70 file in the application. The v...
Eaton Easysoft
7.8
CVSSv3
CVE-2020-6656
Eaton's easySoft software v7.xx prior to v7.22 are susceptible to file parsing type confusion remote code execution vulnerability. A malicious entity can execute a malicious code or make the application crash by tricking user upload a malformed .E70 file in the application. ...
Eaton Easysoft
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3201
CVE-2024-4779
CVE-2024-35090
CVE-2024-5084
hard-coded
CVE-2024-4985
HTML injection
CVE-2024-33655
local file inclusion
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »