Path traversal in Eaton Intelligent Power Manager



Published: 2018-06-07 | Updated: 2020-08-08
Risk High
Patch available YES
Number of vulnerabilities 1
CVE-ID CVE-2018-12031
CWE-ID CWE-22
Exploitation vector Network
Public exploit Public exploit code for vulnerability #1 is available.
Vulnerable software
Subscribe
Intelligent Power Manager
Client/Desktop applications / Software for system administration

Vendor Eaton

Security Bulletin

This security bulletin contains one high risk vulnerability.

1) Path traversal

EUVDB-ID: #VU37069

Risk: High

CVSSv3.1: 8.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C]

CVE-ID: CVE-2018-12031

CWE-ID: CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Exploit availability: Yes

Description

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

Local file inclusion in Eaton Intelligent Power Manager v1.6 allows an attacker to include a file via server/node_upgrade_srv.js directory traversal with the firmware parameter in a downloadFirmware action.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Intelligent Power Manager: 1.6

External links

http://github.com/EmreOvunc/Eaton-Intelligent-Power-Manager-Local-File-Inclusion


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.



###SIDEBAR###