Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
6.0
Eaton Intelligent Power Protector allows malicious code execution
CVE-2026-22615
Summary
The Eaton Intelligent Power Protector software has a security flaw that allows an attacker with admin access to the system to run unauthorized code. This could lead to unauthorized changes or data theft. To fix this, update to the latest version of the software available on the Eaton download centre.
Original title
Due to improper
input validation in one of the Eaton Intelligent Power Protector (IPP) XML, it is
possible for an attacker with admin privileges and access to the local system to
inject malicious c...
Original description
Due to improper
input validation in one of the Eaton Intelligent Power Protector (IPP) XML, it is
possible for an attacker with admin privileges and access to the local system to
inject malicious code resulting in arbitrary command execution. This security issue has been fixed in the latest version of Eaton IPP software which is available on the Eaton download centre.
input validation in one of the Eaton Intelligent Power Protector (IPP) XML, it is
possible for an attacker with admin privileges and access to the local system to
inject malicious code resulting in arbitrary command execution. This security issue has been fixed in the latest version of Eaton IPP software which is available on the Eaton download centre.
nvd CVSS3.1
6.0
Vulnerability type
CWE-20
Improper Input Validation
Published: 16 Apr 2026 · Updated: 16 Apr 2026 · First seen: 16 Apr 2026