Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.3
CVE-2020-6651
- EPSS 1.07%
- Veröffentlicht 07.05.2020 16:15:11
- Zuletzt bearbeitet 21.11.2024 05:36:05
Improper Input Validation in Eaton's Intelligent Power Manager (IPM) v 1.67 & prior on file name during configuration file import functionality allows attackers to perform command injection or code execution via specially crafted file names while upl...
7.8
CVE-2020-6652
- EPSS 0.05%
- Veröffentlicht 07.05.2020 16:15:11
- Zuletzt bearbeitet 21.11.2024 05:36:06
Incorrect Privilege Assignment vulnerability in Eaton's Intelligent Power Manager (IPM) v1.67 & prior allow non-admin users to upload the system configuration files by sending specially crafted requests. This can result in non-admin users manipulatin...
9.8
CVE-2018-12031
- EPSS 74.84%
- Veröffentlicht 07.06.2018 16:29:00
- Zuletzt bearbeitet 21.11.2024 03:44:27
Local file inclusion in Eaton Intelligent Power Manager v1.6 allows an attacker to include a file via server/node_upgrade_srv.js directory traversal with the firmware parameter in a downloadFirmware action.