Eaton Intelligent Power Protector: Unauthorized Login Attempts Possible

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

6.5

Eaton Intelligent Power Protector: Unauthorized Login Attempts Possible

CVE-2026-22616

Summary

The Eaton Intelligent Power Protector software doesn't limit how many times you can try to log in to the web interface, making it possible for someone to repeatedly try to guess your username and password. This could allow unauthorized access to your system. Update to the latest version of the software to fix this issue.

Original title

Original description

Eaton Intelligent Power Protector (IPP) software allows repeated authentication attempts against the web interface login page due to insufficient rate‑limiting controls. This security issue has been fixed in the latest version of Eaton IPP which is available on the Eaton download centre.

nvd CVSS3.1 6.5

Vulnerability type

CWE-307

https://www.eaton.com/content/dam/eaton/company/news-insights/cybersecurity/secu...

Published: 16 Apr 2026 · Updated: 16 Apr 2026 · First seen: 16 Apr 2026