Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
webaccess scada vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2019-6523
WebAccess/SCADA, Version 8.3. The software does not properly sanitize its inputs for SQL commands.
Advantech Webaccess\\/scada 8.3
8.8
CVSSv3
CVE-2020-13551
An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. In privilege escalation via PostgreSQL executable, an attacker can either replace binary or loaded modules to execute code with NT SYSTEM ...
Advantech Webaccess\\/scada 9.0.1
8.8
CVSSv3
CVE-2020-13555
An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. In COM Server Application Privilege Escalation, an attacker can either replace binary or loaded modules to execute code with NT SYSTEM pri...
Advantech Webaccess\\/scada 9.0.1
7.3
CVSSv3
CVE-2018-18999
WebAccess/SCADA, WebAccess/SCADA Version 8.3.2 installed on Windows 2008 R2 SP1. Lack of proper validation of user supplied input may allow an malicious user to cause the overflow of a buffer on the stack.
Advantech Webaccess\\/scada 8.3.2
8.6
CVSSv3
CVE-2019-6521
WebAccess/SCADA, Version 8.3. Specially crafted requests could allow a possible authentication bypass that could allow an malicious user to obtain and manipulate sensitive information.
Advantech Webaccess\\/scada 8.3
6.5
CVSSv3
CVE-2018-15705
WADashboard API in Advantech WebAccess 8.3.1 and 8.3.2 allows remote authenticated malicious users to write or overwrite any file on the filesystem due to a directory traversal vulnerability in the writeFile API. An attacker can use this vulnerability to remotely execute arbitrar...
Advantech Webaccess 8.3.1
Advantech Webaccess 8.3.2
1 EDB exploit
5.4
CVSSv3
CVE-2018-15707
Advantech WebAccess 8.3.1 and 8.3.2 are vulnerable to cross-site scripting in the Bwmainleft.asp page. An attacker could leverage this vulnerability to disclose credentials amongst other things.
Advantech Webaccess 8.3.1
Advantech Webaccess 8.3.2
1 EDB exploit
NA
CVE-2013-2299
Cross-site scripting (XSS) vulnerability in Advantech WebAccess (formerly BroadWin WebAccess) prior to 7.1 2013.05.30 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
Advantech Advantech Webaccess 5.0
Advantech Advantech Webaccess
Advantech Advantech Webaccess 6.0
1 EDB exploit
NA
CVE-2012-0241
Advantech/BroadWin WebAccess prior to 7.0 allows remote malicious users to cause a denial of service (memory corruption) via a modified stream identifier to a function.
Advantech Advantech Webaccess 5.0
Advantech Advantech Webaccess
2 EDB exploits
NA
CVE-2011-4041
webvrpcs.exe in Advantech/BroadWin WebAccess allows remote malicious users to execute arbitrary code or obtain a security-code value via a long string in an RPC request to TCP port 4592.
Broadwin Webaccess
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »