RSS   Vulnerabilities for 'Intelligent power manager'   RSS

2018-06-07
 
CVE-2018-12031

CWE-22
 

 
Local file inclusion in Eaton Intelligent Power Manager v1.6 allows an attacker to include a file via server/node_upgrade_srv.js directory traversal with the firmware parameter in a downloadFirmware action.

 

 >>> Vendor: Eaton 13 Products
Network shutdown module
Proview
Elcsoft
Xcomfort ethernet communication interface
Eamaxx series epdu firmware
Emaxxx series epdu firmware
Eswaxx series epdu firmware
Emaaxx series epdu firmware
Eamxxx series epdu firmware
Intelligent power manager
9000x firmware
9px ups firmware
Halo home


Copyright 2019, cxsecurity.com

 

Back to Top