Eaton UPS 9PX 8000 SP SNMP Version 3 Password Disclosure Vulnerability

Eaton UPS 9PX 8000 SP SNMP Version 3 Password Disclosure Vulnerability

CVE-2018-9280 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:N/A:N

An issue was discovered on Eaton UPS 9PX 8000 SP devices. The appliance discloses the SNMP version 3 user's password. The web page displayed by the appliance contains the password in cleartext. Passwords of the read and write users could be retrieved by browsing the source code of the webpage.

Learn more about our Web App Pen Testing.