Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
advantech vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2021-21805
An OS Command Injection vulnerability exists in the ping.php script functionality of Advantech R-SeeNet v 2.4.12 (20.10.2020). A specially crafted HTTP request can lead to arbitrary OS command execution. An attacker can send a crafted HTTP request to trigger this vulnerability.
Advantech R-seenet 2.4.12
10
CVSSv2
CVE-2021-22667
BB-ESWGP506-2SFP-T versions 1.01.09 and prior is vulnerable due to the use of hard-coded credentials, which may allow an malicious user to gain unauthorized access and permit the execution of arbitrary code on the BB-ESWGP506-2SFP-T (versions 1.01.01 and prior).
Advantech Bb-eswgp506-2sfp-t Firmware
10
CVSSv2
CVE-2020-10621
Multiple issues exist that allow files to be uploaded and executed on the WebAccess/NMS (versions before 3.0.2).
Advantech Webaccess\\/nms
10
CVSSv2
CVE-2019-13547
Advantech WISE-PaaS/RMM, Versions 3.3.29 and prior. There is an unsecured function that allows anyone who can access the IP address to use the function without authentication.
Advantech Wise-paas\\/rmm
10
CVSSv2
CVE-2019-13551
Advantech WISE-PaaS/RMM, Versions 3.3.29 and prior. Path traversal vulnerabilities are caused by a lack of proper validation of a user-supplied path prior to use in file operations. An attacker can leverage these vulnerabilities to remotely execute code while posing as an adminis...
Advantech Wise-paas\\/rmm
10
CVSSv2
CVE-2018-6911
The VBWinExec function in Node\AspVBObj.dll in Advantech WebAccess 8.3.0 allows remote malicious users to execute arbitrary OS commands via a single argument (aka the command parameter).
Advantech Webaccess 8.3.0
1 EDB exploit
10
CVSSv2
CVE-2017-16720
A Path Traversal issue exists in WebAccess versions 8.3.2 and previous versions. An attacker has access to files within the directory structure of the target device.
Advantech Webaccess
1 EDB exploit
10
CVSSv2
CVE-2017-12708
An Improper Restriction Of Operations Within The Bounds Of A Memory Buffer issue exists in Advantech WebAccess versions prior to V8.2_20170817. Researchers have identified multiple vulnerabilities that allow invalid locations to be referenced for the memory buffer, which may allo...
Advantech Webaccess
10
CVSSv2
CVE-2016-2275
The web interface on Advantech/B+B SmartWorx VESP211-EU devices with firmware 1.7.2 and VESP211-232 devices with firmware 1.5.1 and 1.7.2 relies on the client to implement access control, which allows remote malicious users to perform administrative actions via modified JavaScrip...
Advantech Vesp211-eu Firmware 1.7.2
Advantech Vesp211-232 Firmware 1.5.1
Advantech Vesp211-232 Firmware 1.7.2
10
CVSSv2
CVE-2016-0859
Integer overflow in the Kernel service in Advantech WebAccess prior to 8.1 allows remote malicious users to execute arbitrary code or cause a denial of service (stack-based buffer overflow) via a crafted RPC request.
Advantech Webaccess
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-28254
CVE-2024-32515
CVE-2024-21338
validation
CVE-2024-32522
dos
CVE-2024-2101
CVE-2024-21107
elevation of privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »