Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
advantech vulnerabilities and exploits
(subscribe to this query)
4.6
CVSSv2
CVE-2021-42706
This vulnerability could allow an malicious user to disclose information and execute arbitrary code on affected installations of WebAccess/MHI Designer
Advantech Webaccess Hmi Designer
5
CVSSv2
CVE-2021-32951
WebAccess/NMS (Versions prior to v3.0.3_Build6299) has an improper authentication vulnerability, which may allow unauthorized users to view resources monitored and controlled by the WebAccess/NMS, as well as IP addresses and names of all the devices managed via WebAccess/NMS.
Advantech Webaccess/nms
7.5
CVSSv2
CVE-2021-33023
Advantech WebAccess versions 9.02 and prior are vulnerable to a heap-based buffer overflow, which may allow an malicious user to remotely execute code.
Advantech Webaccess
7.5
CVSSv2
CVE-2021-38389
Advantech WebAccess versions 9.02 and prior are vulnerable to a stack-based buffer overflow, which may allow an malicious user to remotely execute code.
Advantech Webaccess
4
CVSSv2
CVE-2021-38431
An authenticated user using Advantech WebAccess SCADA in versions 9.0.3 and prior can use API functions to disclose project names and paths from other users.
Advantech Webaccess Scada
7.5
CVSSv2
CVE-2021-38408
A stack-based buffer overflow vulnerability in Advantech WebAccess Versions 9.02 and prior caused by a lack of proper validation of the length of user-supplied data may allow remote code execution.
Advantech Webaccess
7.5
CVSSv2
CVE-2021-32943
The affected product is vulnerable to a stack-based buffer overflow, which may allow an malicious user to remotely execute arbitrary code on the WebAccess/SCADA (WebAccess/SCADA versions before 8.4.5, WebAccess/SCADA versions before 9.0.1).
Advantech Webaccess/scada
4.3
CVSSv2
CVE-2021-22676
UserExcelOut.asp within WebAccess/SCADA is vulnerable to cross-site scripting (XSS), which could allow an malicious user to send malicious JavaScript code. This could result in hijacking of cookie/session tokens, redirection to a malicious webpage, and unintended browser action o...
Advantech Webaccess/scada
4
CVSSv2
CVE-2021-22674
The affected product is vulnerable to a relative path traversal condition, which may allow an attacker access to unauthorized files and directories on the WebAccess/SCADA (WebAccess/SCADA versions before 8.4.5, WebAccess/SCADA versions before 9.0.1).
Advantech Webaccess/scada
10
CVSSv2
CVE-2021-21805
An OS Command Injection vulnerability exists in the ping.php script functionality of Advantech R-SeeNet v 2.4.12 (20.10.2020). A specially crafted HTTP request can lead to arbitrary OS command execution. An attacker can send a crafted HTTP request to trigger this vulnerability.
Advantech R-seenet 2.4.12
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-30078
CVE-2024-37896
code injection
CVE-2024-3080
CVE-2024-5172
cross-site request forgery
CVE-2024-6111
firmware
CVE-2024-38504
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »