Vulnerabilities > Eaton > Medium

DATE CVE VULNERABILITY TITLE RISK
2017-02-13 CVE-2016-9357 Path Traversal vulnerability in Eaton products
An issue was discovered in certain legacy Eaton ePDUs -- the affected products are past end-of-life (EoL) and no longer supported: EAMxxx prior to June 30, 2015, EMAxxx prior to January 31, 2014, EAMAxx prior to January 31, 2014, EMAAxx prior to January 31, 2014, and ESWAxx prior to January 31, 2014.
network
low complexity
eaton CWE-22
5.0
2016-07-03 CVE-2016-4509 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Eaton Elcsoft 1.00.08/2.4.01
Heap-based buffer overflow in elcsoft.exe in Eaton ELCSoft 2.4.01 and earlier allows remote authenticated users to execute arbitrary code via a crafted file.
network
eaton CWE-119
6.0
2015-12-23 CVE-2015-6471 Information Exposure vulnerability in Eaton Proview
Eaton Cooper Power Systems ProView 4.x and 5.x before 5.1 on Form 6 controls and Idea and IdeaPLUS relays does not properly initialize padding fields in Ethernet packets, which allows remote attackers to obtain sensitive information by reading packet data.
network
eaton CWE-200
4.3