Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
eaton vulnerabilities and exploits
(subscribe to this query)
534
VMScore
CVE-2020-6651
Improper Input Validation in Eaton's Intelligent Power Manager (IPM) v 1.67 & prior on file name during configuration file import functionality allows malicious users to perform command injection or code execution via specially crafted file names while uploading the conf...
Eaton Intelligent Power Manager
312
VMScore
CVE-2021-23284
Eaton Intelligent Power Manager Infrastructure (IPM Infrastructure) version 1.5.0plus205 and all prior versions are vulnerable to Stored Cross-site Scripting vulnerability. This issue affects: Eaton Intelligent Power Manager Infrastructure (IPM Infrastructure) all version 1.5.0pl...
Eaton Intelligent Power Manager Infrastructure
668
VMScore
CVE-2018-12031
Local file inclusion in Eaton Intelligent Power Manager v1.6 allows an malicious user to include a file via server/node_upgrade_srv.js directory traversal with the firmware parameter in a downloadFirmware action.
Eaton Intelligent Power Manager 1.6
1 Github repository
445
VMScore
CVE-2016-9368
An issue exists in Eaton xComfort Ethernet Communication Interface (ECI) Versions 1.07 and prior. By accessing a specific uniform resource locator (URL) on the webserver, a malicious user may be able to access files without authenticating.
Eaton Xcomfort Ethernet Communication Interface
NA
CVE-2022-33859
A security vulnerability exists in the Eaton Foreseer EPMS software. Foreseer EPMS connects an operation’s vast array of devices to assist in the reduction of energy consumption and avoid unplanned downtime caused by the failures of critical systems. A threat actor may uplo...
Eaton Foreseer Electrical Power Monitoring System
392
VMScore
CVE-2020-6654
A DLL Hijacking vulnerability in Eaton's 9000x Programming and Configuration Software v 2.0.38 and prior allows an malicious user to execute arbitrary code by replacing the required DLLs with malicious DLLs when the software try to load vci11un6.DLL and cinpl.DLL.
Eaton 9000x Programming And Configuration Software
445
VMScore
CVE-2016-2272
Eaton Lighting EG2 Web Control 4.04P and previous versions allows remote malicious users to have an unspecified impact via a modified cookie.
Eaton Lighting Systems Eg2 Web Control
445
VMScore
CVE-2016-0871
Eaton Lighting EG2 Web Control 4.04P and previous versions allows remote malicious users to read the configuration file, and consequently discover credentials, via a direct request.
Eaton Lighting Systems Eg2 Web Control
578
VMScore
CVE-2021-23276
Eaton Intelligent Power Manager (IPM) before 1.69 is vulnerable to authenticated SQL injection. A malicious user can send a specially crafted packet to exploit the vulnerability. Successful exploitation of this vulnerability can allow malicious users to add users in the data base...
NA
CVE-2021-23282
Eaton Intelligent Power Manager
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-17519
open redirect
CVE-2024-21683
cache poisoning
CVE-2021-47524
CVE-2021-47521
CVE-2024-5229
CVE-2021-47560
local
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »