CVE-2025-48394

August 6, 2025 invoker category_cve

CVE Details

Basic Information

Title CVE-2025-48394
Type cve
Published 2025-08-06T15:25:41.219Z
Modified 2025-08-06T15:50:01.680Z

Product Information

Vendor Eaton
Product G4 PDU
Version 0

CVSS Information

Base Score 4.7 (MEDIUM)
Attack Vector CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L

AI Analysis

AI Description A vulnerability in Eaton’s G4 PDU allows authenticated users with privileges to modify non-sensitive files via path traversal in the CLI. This issue has been resolved in the latest version.
AI Severity Medium
AI Vendor Eaton
AI Product G4 PDU
AI Version 0

Affected Products

  • Eaton G4 PDU 0

Additional Information

CWE List CWE-22
Source Eaton

Description

An attacker with authenticated and privileged access could modify the contents of a non-sensitive file by traversing the path in the limited shell of the CLI. This security issue has been fixed in the latest version which is available on the Eaton download center.

💭 Join the Security Discussion

🔒 Your email address will not be published. Required fields are marked *

⚠️ Please be respectful and constructive in your comments. Security discussions should remain professional.