What is CVE-2018-12031?

CVE-2018-12031 is a vulnerability in N/a. Published 2018-06-07.

Is CVE-2018-12031 known to be exploited?

5 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2018-12031

Local file inclusion in Eaton Intelligent Power Manager v1.6 allows an attacker to include a file via server/node_upgrade_srv.js directory traversal with the firmware parameter in a downloadFirmware action.

EPSS: 0.748 (98.9th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

EmreOvunc/Eaton-Intelligent-Power-Manager-Local-File-Inclusion
0xT11/CVE-POC
20142995/nuclei-templates
ARPSyndicate/cvemon
ARPSyndicate/kenzer-templates

References

github.com/EmreOvunc/Eaton-Intelligent-Power-Manager-Local-File-Inclusion (x_refsource_MISC)

Frequently asked questions

What is CVE-2018-12031?: CVE-2018-12031 is a vulnerability in N/a. Published 2018-06-07.
Is CVE-2018-12031 known to be exploited?: 5 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.