CVE-2020-6651

Improper Input Validation in Eaton's Intelligent Power Manager (IPM) v 1.67 & prior on file name during configuration file import functionality allows attackers to perform command injection or code execution via specially crafted file names while uploading the configuration file in the application.
Configurations

Configuration 1 (hide)

cpe:2.3:a:eaton:intelligent_power_manager:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2020-05-07 16:15

Updated : 2024-02-04 21:00


NVD link : CVE-2020-6651

Mitre link : CVE-2020-6651

CVE.ORG link : CVE-2020-6651


JSON object : View

Products Affected

eaton

  • intelligent_power_manager
CWE
CWE-20

Improper Input Validation

CWE-78

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')