Vulnerabilities > Eaton > High

DATE CVE VULNERABILITY TITLE RISK
2024-09-13 CVE-2024-31415 Insufficiently Protected Credentials vulnerability in Eaton Foreseer Electrical Power Monitoring System
The Eaton Foreseer software provides the feasibility for the user to configure external servers for multiple purposes such as network management, user management, etc.
network
low complexity
eaton CWE-522
8.1
2022-04-18 CVE-2021-23286 Improper Neutralization of Formula Elements in a CSV File vulnerability in Eaton Intelligent Power Manager
Eaton Intelligent Power Manager Infrastructure (IPM Infrastructure) version 1.5.0plus205 and all prior versions are vulnerable to CSV Formula Injection.
low complexity
eaton CWE-1236
8.0
2018-07-13 CVE-2018-8847 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Eaton 9000X Firmware 2.0.29
Eaton 9000X DriveA versions 2.0.29 and prior has a stack-based buffer overflow vulnerability, which may allow remote code execution.
network
low complexity
eaton CWE-119
7.5
2018-06-07 CVE-2018-12031 Path Traversal vulnerability in Eaton Intelligent Power Manager 1.6
Local file inclusion in Eaton Intelligent Power Manager v1.6 allows an attacker to include a file via server/node_upgrade_srv.js directory traversal with the firmware parameter in a downloadFirmware action.
network
low complexity
eaton CWE-22
7.5
2016-07-03 CVE-2016-4512 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Eaton Elcsoft 1.00.08/2.4.01
Stack-based buffer overflow in ELCSimulator in Eaton ELCSoft 2.4.01 and earlier allows remote attackers to execute arbitrary code via a long packet.
network
low complexity
eaton CWE-119
7.5