Skip to main content

Power Xpert Meter 8000 Firmware

1 CVEs product

Monthly

CVE-2018-16158 CRITICAL POC THREAT Act Now

Eaton Power Xpert Meter 4000, 6000, and 8000 devices before 13.4.0.10 have a single SSH private key across different customers' installations and do not properly restrict access to this key, which. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Power Xpert Meter 4000 Firmware Power Xpert Meter 6000 Firmware Power Xpert Meter 8000 Firmware
NVD GitHub
CVSS 3.0
9.8
EPSS
34.9%
EPSS 35% CVSS 9.8
CRITICAL POC THREAT Act Now

Eaton Power Xpert Meter 4000, 6000, and 8000 devices before 13.4.0.10 have a single SSH private key across different customers' installations and do not properly restrict access to this key, which. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Power Xpert Meter 4000 Firmware Power Xpert Meter 6000 Firmware +1
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy