CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2018-12031

Local file inclusion in Eaton Intelligent Power Manager v1.6 allows an attacker to include a file via server/node_upgrade_srv.js directory traversal with the firmware parameter in a downloadFirmware action.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.801

EPSS Ranking 99.0%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 7.5

References

https://github.com/EmreOvunc/Eaton-Intelligent-Power-Manager-Local-File-Inclusion
https://github.com/EmreOvunc/Eaton-Intelligent-Power-Manager-Local-File-Inclusion

Products affected by CVE-2018-12031

Eaton » Intelligent Power Manager » Version: 1.6

cpe:2.3:a:eaton:intelligent_power_manager:1.6

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-12031

Products

Pricing

Contact Us