CVE-2018-12031

Published
View on NVD ↗
CVSS v3
N/A
CVSS v2
7.5
HIGH
Affected
1
PROJECT

Description

Local file inclusion in Eaton Intelligent Power Manager v1.6 allows an attacker to include a file via server/node_upgrade_srv.js directory traversal with the firmware parameter in a downloadFirmware action.

EmreOvunc/Eaton-Intelligent-Power-Manager-Local-File-Inclusion
EmreOvunc/Eaton-Intelligent-Power-Manager-Local-File-Inclusion
CVE-2018-12031 | LFI in Eaton Intelligent Power Manager v1.6 allows an attacker to include a file, it can lead to sensitive information disclosure, denial of service and code execution.
GitHubGitHub
4