Clear-text Password Disclosure in Eaton UPS 9PX 8000 SP Devices

Clear-text Password Disclosure in Eaton UPS 9PX 8000 SP Devices

CVE-2018-9279 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:N/A:N

An issue was discovered on Eaton UPS 9PX 8000 SP devices. The appliance discloses the user's password. The web page displayed by the appliance contains the password in cleartext. Passwords could be retrieved by browsing the source code of the webpage.

Learn more about our Web App Pen Testing.