Vulnerabilities > Eaton

DATE CVE VULNERABILITY TITLE RISK
2022-04-19 CVE-2021-23283 Cross-site Scripting vulnerability in Eaton Intelligent Power Protector
Eaton Intelligent Power Protector (IPP) prior to version 1.69 is vulnerable to stored Cross Site Scripting.
network
eaton CWE-79
3.5
2022-04-18 CVE-2021-23284 Cross-site Scripting vulnerability in Eaton Intelligent Power Manager Infrastructure
Eaton Intelligent Power Manager Infrastructure (IPM Infrastructure) version 1.5.0plus205 and all prior versions are vulnerable to Stored Cross-site Scripting vulnerability.
network
eaton CWE-79
3.5
2022-04-18 CVE-2021-23285 Cross-site Scripting vulnerability in Eaton Intelligent Power Manager
Eaton Intelligent Power Manager Infrastructure (IPM Infrastructure) version 1.5.0plus205 and all prior versions are vulnerable to reflected Cross-site Scripting vulnerability.
network
eaton CWE-79
3.5
2022-04-18 CVE-2021-23286 Improper Neutralization of Formula Elements in a CSV File vulnerability in Eaton Intelligent Power Manager
Eaton Intelligent Power Manager Infrastructure (IPM Infrastructure) version 1.5.0plus205 and all prior versions are vulnerable to CSV Formula Injection.
7.9
2022-04-01 CVE-2021-23287 Cross-site Scripting vulnerability in Eaton Intelligent Power Manager 1.6/1.67/1.69
The vulnerability exists due to insufficient validation of input of certain resources within the IPM software.
network
eaton CWE-79
3.5
2022-04-01 CVE-2021-23288 Cross-site Scripting vulnerability in Eaton Intelligent Power Protector
The vulnerability exists due to insufficient validation of input from certain resources by the IPP software.
2.3
2021-01-07 CVE-2020-6656 Type Confusion vulnerability in Eaton Easysoft
Eaton's easySoft software v7.xx prior to v7.22 are susceptible to file parsing type confusion remote code execution vulnerability.
network
eaton CWE-843
6.8
2021-01-07 CVE-2020-6655 Out-of-bounds Read vulnerability in Eaton Easysoft 7.20
The Eaton's easySoft software v7.xx prior to v7.22 are susceptible to Out-of-bounds remote code execution vulnerability.
network
eaton CWE-125
6.8
2020-09-30 CVE-2020-6654 Uncontrolled Search Path Element vulnerability in Eaton 9000X Programming and Configuration Software
A DLL Hijacking vulnerability in Eaton's 9000x Programming and Configuration Software v 2.0.38 and prior allows an attacker to execute arbitrary code by replacing the required DLLs with malicious DLLs when the software try to load vci11un6.DLL and cinpl.DLL.
local
eaton CWE-427
4.4
2020-08-12 CVE-2020-6653 Information Exposure vulnerability in Eaton Secureconnect 1.7.3
Eaton's Secure connect mobile app v1.7.3 & prior stores the user login credentials in logcat file when user create or register the account on the Mobile app.
local
low complexity
eaton CWE-200
2.1