Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
webaccess scada vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2018-7505
In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions before 8.3.1, and WebAccess/NMS 2.0.3 and prior, a TFTP application has unrestricted file uploads to the we...
Advantech Webaccess
Advantech Webaccess Dashboard
Advantech Webaccess Scada
Advantech Webaccess\\/nms
7.2
CVSSv3
CVE-2023-22450
In Advantech WebAccss/SCADA v9.1.3 and prior, there is an arbitrary file upload vulnerability that could allow an malicious user to upload an ASP script file to a webserver when logged in as manager user, which can lead to arbitrary code execution.
Advantech Webaccess\\/scada
9.8
CVSSv3
CVE-2023-32540
In Advantech WebAccss/SCADA v9.1.3 and prior, there is an arbitrary file overwrite vulnerability, which could allow an malicious user to overwrite any file in the operating system (including system files), inject code into an XLS file, and modify the file extension, which could ...
Advantech Webaccess\\/scada
9.8
CVSSv3
CVE-2023-32628
In Advantech WebAccss/SCADA v9.1.3 and prior, there is an arbitrary file upload vulnerability that could allow an malicious user to modify the file extension of a certificate file to ASP when uploading it, which can lead to remote code execution.
Advantech Webaccess\\/scada
9.8
CVSSv3
CVE-2021-32943
The affected product is vulnerable to a stack-based buffer overflow, which may allow an malicious user to remotely execute arbitrary code on the WebAccess/SCADA (WebAccess/SCADA versions before 8.4.5, WebAccess/SCADA versions before 9.0.1).
Advantech Webaccess\\/scada
6.1
CVSSv3
CVE-2021-32956
Advantech WebAccess/SCADA Versions 9.0.1 and prior is vulnerable to redirection, which may allow an malicious user to send a maliciously crafted URL that could result in redirecting a user to a malicious webpage.
Advantech Webaccess\\/scada
6.5
CVSSv3
CVE-2021-22674
The affected product is vulnerable to a relative path traversal condition, which may allow an attacker access to unauthorized files and directories on the WebAccess/SCADA (WebAccess/SCADA versions before 8.4.5, WebAccess/SCADA versions before 9.0.1).
Advantech Webaccess\\/scada
6.1
CVSSv3
CVE-2021-22676
UserExcelOut.asp within WebAccess/SCADA is vulnerable to cross-site scripting (XSS), which could allow an malicious user to send malicious JavaScript code. This could result in hijacking of cookie/session tokens, redirection to a malicious webpage, and unintended browser action o...
Advantech Webaccess\\/scada
9.8
CVSSv3
CVE-2023-1437
All versions before 9.1.4 of Advantech WebAccess/SCADA are vulnerable to use of untrusted pointers. The RPC arguments the client sent could contain raw memory pointers for the server to use as-is. This could allow an malicious user to gain access to the remote file system and the...
Advantech Webaccess\\/scada
4.3
CVSSv3
CVE-2021-38431
An authenticated user using Advantech WebAccess SCADA in versions 9.0.3 and prior can use API functions to disclose project names and paths from other users.
Advantech Webaccess Scada
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »