CVE-2021-23278
- EPSS 0.1%
- Veröffentlicht 13.04.2021 19:15:14
- Zuletzt bearbeitet 21.11.2024 05:51:29
Eaton Intelligent Power Manager (IPM) prior to 1.69 is vulnerable to authenticated arbitrary file delete vulnerability induced due to improper input validation at server/maps_srv.js with action removeBackground and server/node_upgrade_srv.js with act...
- EPSS 0.91%
- Veröffentlicht 13.04.2021 19:15:14
- Zuletzt bearbeitet 21.11.2024 05:51:29
Eaton Intelligent Power Manager (IPM) prior to 1.69 is vulnerable to unauthenticated arbitrary file delete vulnerability induced due to improper input validation in meta_driver_srv.js class with saveDriverData action using invalidated driverID. An at...
CVE-2021-23280
- EPSS 0.12%
- Veröffentlicht 13.04.2021 19:15:14
- Zuletzt bearbeitet 21.11.2024 05:51:29
Eaton Intelligent Power Manager (IPM) prior to 1.69 is vulnerable to authenticated arbitrary file upload vulnerability. IPM’s maps_srv.js allows an attacker to upload a malicious NodeJS file using uploadBackgroud action. An attacker can upload a mali...