Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
advantech vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2017-16716
A SQL Injection issue exists in WebAccess versions before 8.3. WebAccess does not properly sanitize its inputs for SQL commands.
Advantech Webaccess
1 EDB exploit
9.8
CVSSv3
CVE-2017-16724
A Stack-based Buffer Overflow issue exists in Advantech WebAccess versions before 8.3. There are multiple instances of a vulnerability that allows too much data to be written to a location on the stack.
Advantech Webaccess
9.8
CVSSv3
CVE-2017-16720
A Path Traversal issue exists in WebAccess versions 8.3.2 and previous versions. An attacker has access to files within the directory structure of the target device.
Advantech Webaccess
1 EDB exploit
9.8
CVSSv3
CVE-2017-12706
A stack-based buffer overflow issue exists in Advantech WebAccess versions prior to V8.2_20170817. Researchers have identified multiple vulnerabilities where there is a lack of proper validation of the length of user-supplied data prior to copying it to a stack-based buffer, whic...
Advantech Webaccess
9.8
CVSSv3
CVE-2017-12708
An Improper Restriction Of Operations Within The Bounds Of A Memory Buffer issue exists in Advantech WebAccess versions prior to V8.2_20170817. Researchers have identified multiple vulnerabilities that allow invalid locations to be referenced for the memory buffer, which may allo...
Advantech Webaccess
9.8
CVSSv3
CVE-2017-12698
An Improper Authentication issue exists in Advantech WebAccess versions prior to V8.2_20170817. Specially crafted requests allow a possible authentication bypass that could allow remote code execution.
Advantech Webaccess
9.8
CVSSv3
CVE-2017-7909
A Use of Client-Side Authentication issue exists in Advantech B+B SmartWorx MESR901 firmware versions 1.5.2 and prior. The web interface uses JavaScript to check client authentication and redirect unauthorized users. Attackers may intercept requests and bypass authentication to a...
Advantech B\\+b Smartworx Mesr901 Firmware
9.8
CVSSv3
CVE-2017-5154
An issue exists in Advantech WebAccess Version 8.1. To be able to exploit the SQL injection vulnerability, an attacker must supply malformed input to the WebAccess software. Successful attack could result in administrative access to the application and its data files.
Advantech Webaccess 8.1
9.8
CVSSv3
CVE-2016-2275
The web interface on Advantech/B+B SmartWorx VESP211-EU devices with firmware 1.7.2 and VESP211-232 devices with firmware 1.5.1 and 1.7.2 relies on the client to implement access control, which allows remote malicious users to perform administrative actions via modified JavaScrip...
Advantech Vesp211-eu Firmware 1.7.2
Advantech Vesp211-232 Firmware 1.5.1
Advantech Vesp211-232 Firmware 1.7.2
9.8
CVSSv3
CVE-2016-0854
Unrestricted file upload vulnerability in the uploadImageCommon function in the UploadAjaxAction script in the WebAccess Dashboard Viewer in Advantech WebAccess prior to 8.1 allows remote malicious users to write to files of arbitrary types via unspecified vectors.
Advantech Webaccess
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »