Vulnerabilities in Eaton

53 results
CVE-2021-23285 | LOW | Security issues in Eaton Intelligent Power Manager Infrastructure | EPSS 0.4%
CVE-2020-6652 | HIGH | Incorrect privilege assignment allowing non-admin users to upload config files | EPSS 0.4%
CVE-2022-33859 | HIGH | Unrestricted file upload in Eaton Foreseer EPMS | EPSS 0.3%
CVE-2026-22615 | MEDIUM | Due to improper input validation in one of the Eaton Intelligent Power Protector (IPP) XML, it is possible for an attacker with admin privil | EPSS 0.3%
CVE-2026-22619 | HIGH | Eaton Intelligent Power Protector (IPP) is affected by insecure library loading in its executable, which could lead to arbitrary code execut | EPSS 0.3%
CVE-2026-22616 | MEDIUM | Eaton Intelligent Power Protector (IPP) software allows repeated authentication attempts against the web interface login page due to insuffi | EPSS 0.3%
CVE-2025-48396 | HIGH | Arbitrary code execution is possible due to improper validation of the file upload functionality in Eaton BLSS. This security issue has been | EPSS 0.3%
CVE-2024-31414 | MEDIUM | The Eaton Foreseer software provides users the capability to customize the dashboard in WebView pages. However, the input fields for this fe | EPSS 0.3%
CVE-2023-43777 | MEDIUM | Insecure storage of password in easySoft | EPSS 0.3%
CVE-2025-59886 | HIGH | Improper input validation at one of the endpoints of Eaton xComfort ECI's web interface, could lead into an attacker with network access t | EPSS 0.3%
CVE-2021-23288 | MEDIUM | Security issues in Intelligent Power Protector | EPSS 0.3%
CVE-2025-48395 | MEDIUM | An attacker with authenticated and privileged access could modify the contents of a non-sensitive file by traversing the path in the limited | EPSS 0.3%
CVE-2024-31416 | MEDIUM | The Eaton Foreseer software provides multiple customizable input fields for the users to configure parameters in the tool like alarms, repor | EPSS 0.3%
CVE-2025-48394 | MEDIUM | An attacker with authenticated and privileged access could modify the contents of a non-sensitive file by traversing the path in the limited | EPSS 0.3%
CVE-2025-59887 | HIGH | Improper authentication of library files in the Eaton UPS Companion software installer could lead to arbitrary code execution of an attacker | EPSS 0.3%
CVE-2020-6653 | LOW | Sensitive data stored in logcat file | EPSS 0.3%
CVE-2026-22618 | MEDIUM | A security misconfiguration was identified in Eaton Intelligent Power Protector (IPP), where an HTTP response header was set with an insecur | EPSS 0.2%
CVE-2025-59888 | MEDIUM | Improper quotation in search paths in the Eaton UPS Companion software installer could lead to arbitrary code execution of an attacker with | EPSS 0.2%
CVE-2025-22491 | MEDIUM | Improper Input Validation in Foreseer Reporting Software (FRS) | EPSS 0.2%
CVE-2025-48393 | MEDIUM | The server identity check mechanism for firmware upgrade performed via command shell is insecurely implemented potentially allowing an attac | EPSS 0.2%