Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
advantech webaccess scada vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-32540
In Advantech WebAccss/SCADA v9.1.3 and prior, there is an arbitrary file overwrite vulnerability, which could allow an malicious user to overwrite any file in the operating system (including system files), inject code into an XLS file, and modify the file extension, which could ...
Advantech Webaccess\\/scada
8.8
CVSSv3
CVE-2020-25161
The WADashboard component of WebAccess/SCADA Versions 9.0 and prior may allow an malicious user to control or influence a path used in an operation on the filesystem and remotely execute code as an administrator.
Advantech Webaccess\\/scada
6.5
CVSSv3
CVE-2021-22674
The affected product is vulnerable to a relative path traversal condition, which may allow an attacker access to unauthorized files and directories on the WebAccess/SCADA (WebAccess/SCADA versions before 8.4.5, WebAccess/SCADA versions before 9.0.1).
Advantech Webaccess\\/scada
6.1
CVSSv3
CVE-2021-22676
UserExcelOut.asp within WebAccess/SCADA is vulnerable to cross-site scripting (XSS), which could allow an malicious user to send malicious JavaScript code. This could result in hijacking of cookie/session tokens, redirection to a malicious webpage, and unintended browser action o...
Advantech Webaccess\\/scada
4.3
CVSSv3
CVE-2021-38431
An authenticated user using Advantech WebAccess SCADA in versions 9.0.3 and prior can use API functions to disclose project names and paths from other users.
Advantech Webaccess Scada
8.8
CVSSv3
CVE-2020-13551
An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. In privilege escalation via PostgreSQL executable, an attacker can either replace binary or loaded modules to execute code with NT SYSTEM ...
Advantech Webaccess\\/scada 9.0.1
8.8
CVSSv3
CVE-2020-13553
An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. In webvrpcs Run Key Privilege Escalation in installation folder of WebAccess, an attacker can either replace binary or loaded modules to e...
Advantech Webaccess\\/scada 9.0.1
7.7
CVSSv3
CVE-2020-13550
A local file inclusion vulnerability exists in the installation functionality of Advantech WebAccess/SCADA 9.0.1. A specially crafted application can lead to information disclosure. An attacker can send an authenticated HTTP request to trigger this vulnerability.
Advantech Webaccess\\/scada 9.0.1
7.8
CVSSv3
CVE-2020-13554
An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. In webvrpcs Run Key Privilege Escalation in installation folder of WebAccess, an attacker can either replace binary or loaded modules to e...
Advantech Webaccess\\/scada 9.0.1
9.8
CVSSv3
CVE-2019-6519
WebAccess/SCADA, Version 8.3. An improper authentication vulnerability exists that could allow a possible authentication bypass allowing an malicious user to upload malicious data.
Advantech Webaccess\\/scada 8.3
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-36920
buffer overflow
CVE-2024-36913
CVE-2024-5497
CVE-2024-23917
CVE-2024-4956
server-side request forgery
CVE-2024-35468
SSTI
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »