Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
advantech advantech webaccess vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2019-13552
In WebAccess versions 8.4.1 and prior, multiple command injection vulnerabilities are caused by a lack of proper validation of user-supplied data and may allow arbitrary file deletion and remote code execution.
Advantech Webaccess
9.8
CVSSv3
CVE-2019-13558
In WebAccess versions 8.4.1 and prior, an exploit executed over the network may cause improper control of generation of code, which may allow remote code execution, data exfiltration, or cause a system crash.
Advantech Webaccess
5
CVSSv3
CVE-2016-4528
Buffer overflow in Advantech WebAccess prior to 8.1_20160519 allows local users to cause a denial of service via a crafted DLL file.
Advantech Webaccess
9.8
CVSSv3
CVE-2017-16724
A Stack-based Buffer Overflow issue exists in Advantech WebAccess versions before 8.3. There are multiple instances of a vulnerability that allows too much data to be written to a location on the stack.
Advantech Webaccess
7.5
CVSSv3
CVE-2017-16728
An Untrusted Pointer Dereference issue exists in Advantech WebAccess versions before 8.3. There are multiple vulnerabilities that may allow an malicious user to cause the program to use an invalid memory address, resulting in a program crash.
Advantech Webaccess
6.5
CVSSv3
CVE-2017-16732
A use-after-free issue exists in Advantech WebAccess versions before 8.3. WebAccess allows an unauthenticated malicious user to specify an arbitrary address.
Advantech Webaccess
7.5
CVSSv3
CVE-2017-16753
An Improper Input Validation issue exists in Advantech WebAccess versions before 8.3. WebAccess allows some inputs that may cause the program to crash.
Advantech Webaccess
8.8
CVSSv3
CVE-2020-10607
In Advantech WebAccess, Versions 8.4.2 and prior. A stack-based buffer overflow vulnerability caused by a lack of proper validation of the length of user-supplied data may allow remote code execution.
Advantech Webaccess
8.1
CVSSv3
CVE-2015-3947
SQL injection vulnerability in Advantech WebAccess prior to 8.1 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
Advantech Webaccess
7.5
CVSSv3
CVE-2016-0853
Advantech WebAccess prior to 8.1 allows remote malicious users to obtain sensitive information via crafted input.
Advantech Webaccess
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-20065
open redirect
CVE-2024-1086
path traversal
CVE-2024-29825
XXE
CVE-2024-29822
CVE-2024-20696
CVE-2024-3564
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »