漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Arbitrary File upload
Vulnerability Description
Eaton Intelligent Power Manager (IPM) prior to 1.69 is vulnerable to authenticated arbitrary file upload vulnerability. IPM’s maps_srv.js allows an attacker to upload a malicious NodeJS file using uploadBackgroud action. An attacker can upload a malicious code or execute any command using a specially crafted packet to exploit the vulnerability.
CVSS Information
CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
Vulnerability Type
危险类型文件的不加限制上传
Vulnerability Title
Eaton Intelligent Power Manager 代码问题漏洞
Vulnerability Description
Eaton Intelligent Power Manager(IPM)是美国Eaton公司的一款智能电源管理器,它支持从界面远程监视和管理网络中的多个设备。 Eaton Intelligent Power Manager (IPM) 1.69之前版本存在代码问题漏洞,攻击者可以使用特制数据包上传恶意代码或执行任何命令。
CVSS Information
N/A
Vulnerability Type
N/A