Vulnerabilities > Eaton > Intelligent Power Manager > High

DATE CVE VULNERABILITY TITLE RISK
2022-04-18 CVE-2021-23286 Improper Neutralization of Formula Elements in a CSV File vulnerability in Eaton Intelligent Power Manager
Eaton Intelligent Power Manager Infrastructure (IPM Infrastructure) version 1.5.0plus205 and all prior versions are vulnerable to CSV Formula Injection.
low complexity
eaton CWE-1236
8.0
2018-06-07 CVE-2018-12031 Path Traversal vulnerability in Eaton Intelligent Power Manager 1.6
Local file inclusion in Eaton Intelligent Power Manager v1.6 allows an attacker to include a file via server/node_upgrade_srv.js directory traversal with the firmware parameter in a downloadFirmware action.
network
low complexity
eaton CWE-22
7.5