CVE-2018-12031
https://notcve.org/view.php?id=CVE-2018-12031
Local file inclusion in Eaton Intelligent Power Manager v1.6 allows an attacker to include a file via server/node_upgrade_srv.js directory traversal with the firmware parameter in a downloadFirmware action.
• https://github.com/EmreOvunc/Eaton-Intelligent-Power-Manager-Local-File-Inclusion
• CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2018-7511
https://notcve.org/view.php?id=CVE-2018-7511
In Eaton ELCSoft versions 2.04.02 and prior, there are multiple cases where specially crafted files could cause a buffer overflow which, in turn, may allow remote execution of arbitrary code.
• http://www.eaton.com/ecm/idcplg?IdcService=GET_FILE&allowInterrupt=1&RevisionSelectionMethod=LatestReleased&noSaveAs=0&Rendition=Primary&dDocName=PCT_3313148
• http://www.securityfocus.com/bid/103301
• https://ics-cert.us-cert.gov/advisories/ICSA-18-065-03
• CWE-20: Improper Input Validation
• CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-9368
https://notcve.org/view.php?id=CVE-2016-9368
An issue was discovered in Eaton xComfort Ethernet Communication Interface (ECI) Versions 1.07 and prior. By accessing a specific uniform resource locator (URL) on the webserver, a malicious user may be able to access files without authenticating.
• https://ics-cert.us-cert.gov/advisories/ICSA-17-061-01
• CWE-284: Improper Access Control
CVE-2016-9357
https://notcve.org/view.php?id=CVE-2016-9357
An issue was discovered in certain legacy Eaton ePDUs -- the affected products are past end-of-life (EoL) and no longer supported: EAMxxx prior to June 30, 2015, EMAxxx prior to January 31, 2014, EAMAxx prior to January 31, 2014, EMAAxx prior to January 31, 2014, and ESWAxx prior to January 31, 2014. An unauthenticated attacker may be able to access configuration files with a specially crafted URL (Path Traversal).
• http://www.securityfocus.com/bid/95817
• https://ics-cert.us-cert.gov/advisories/ICSA-17-026-01
• CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2016-4509 – Eaton ELCSoft Heap Memory Corruption Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2016-4509
Heap-based buffer overflow in elcsoft.exe in Eaton ELCSoft 2.4.01 and earlier allows remote authenticated users to execute arbitrary code via a crafted file.
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Eaton ELCSoft. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within processing of EPC files. Parsing a specially crafted EPC file can cause ELCSoft.exe to overwrite a TList object in memory.
• http://www.securityfocus.com/bid/91524
• http://www.zerodayinitiative.com/advisories/ZDI-16-408
• https://ics-cert.us-cert.gov/advisories/ICSA-16-182-01
• CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer