SonicALERT
Search

Sonicwall Signatures

 

Go to All Categories list.


  Eaton Intelligent Power Manager Command Injection

Category: SCADA-ATTACKS      

Improper Input Validation in Eaton's Intelligent Power Manager (IPM) v 1.67 & prior on file name during configuration file import functionality allows attackers to perform command injection or code execution via specially crafted file names while uploading the configuration file in the application.

References
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6651


Relevant Information