Critical severity10.0NVD Advisory· Published Apr 13, 2021· Updated Jun 17, 2026
CVE-2021-23281
CVE-2021-23281
Description
Eaton Intelligent Power Manager (IPM) prior to 1.69 is vulnerable to unauthenticated remote code execution vulnerability. IPM software does not sanitize the date provided via coverterCheckList action in meta_driver_srv.js class. Attackers can send a specially crafted packet to make IPM connect to rouge SNMP server and execute attacker-controlled code.
Affected products
2<1.69+ 1 more
- (no CPE)range: <1.69
- (no CPE)range: unspecified
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.