Eaton Intelligent Power Protector HTTP Header Exposes Users to Attacks

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

5.9

Eaton Intelligent Power Protector HTTP Header Exposes Users to Attacks

CVE-2026-22618

Summary

A security flaw in Eaton's Intelligent Power Protector software could allow hackers to launch web-based attacks. This issue has been fixed in the latest version, which is available for download. Update your software to protect your system.

Original title

Original description

A security misconfiguration was identified in Eaton Intelligent Power Protector (IPP), where an HTTP response header was set with an insecure attribute, potentially exposing users to web‑based attacks. This security issue has been fixed in the latest version of Eaton IPP software which is available on the Eaton download centre.

nvd CVSS3.1 5.9

Vulnerability type

CWE-358

https://www.eaton.com/content/dam/eaton/company/news-insights/cybersecurity/secu...

Published: 16 Apr 2026 · Updated: 16 Apr 2026 · First seen: 16 Apr 2026