Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
webaccess vulnerabilities and exploits
(subscribe to this query)
6.3
CVSSv3
CVE-2017-14016
A Stack-based Buffer Overflow issue exists in Advantech WebAccess versions prior to V8.2_20170817. The application lacks proper validation of the length of user-supplied data prior to copying it to a stack-based buffer, which could allow an malicious user to execute arbitrary cod...
Advantech Webaccess
1 EDB exploit
9.8
CVSSv3
CVE-2016-5817
SQL injection vulnerability in news pages in Cargotec Navis WebAccess prior to 2016-08-10 allows remote malicious users to execute arbitrary SQL commands via unspecified vectors.
Navis Webaccess
8.8
CVSSv3
CVE-2018-15704
Advantech WebAccess 8.3.2 and below is vulnerable to a stack buffer overflow vulnerability. A remote authenticated attacker could potentially exploit this vulnerability by sending a crafted HTTP request to broadweb/system/opcImg.asp.
Advantech Webaccess
9.8
CVSSv3
CVE-2016-0854
Unrestricted file upload vulnerability in the uploadImageCommon function in the UploadAjaxAction script in the WebAccess Dashboard Viewer in Advantech WebAccess prior to 8.1 allows remote malicious users to write to files of arbitrary types via unspecified vectors.
Advantech Webaccess
1 EDB exploit
9.8
CVSSv3
CVE-2017-16720
A Path Traversal issue exists in WebAccess versions 8.3.2 and previous versions. An attacker has access to files within the directory structure of the target device.
Advantech Webaccess
1 EDB exploit
7.5
CVSSv3
CVE-2017-16736
An Unrestricted Upload Of File With Dangerous Type issue exists in Advantech WebAccess versions before 8.3. WebAccess allows a remote malicious user to upload arbitrary files.
Advantech Webaccess
9.8
CVSSv3
CVE-2017-12698
An Improper Authentication issue exists in Advantech WebAccess versions prior to V8.2_20170817. Specially crafted requests allow a possible authentication bypass that could allow remote code execution.
Advantech Webaccess
8.8
CVSSv3
CVE-2017-12702
An Externally Controlled Format String issue exists in Advantech WebAccess versions prior to V8.2_20170817. String format specifiers based on user provided input are not properly validated, which could allow an malicious user to execute arbitrary code.
Advantech Webaccess
8.8
CVSSv3
CVE-2017-12704
A heap-based buffer overflow issue exists in Advantech WebAccess versions prior to V8.2_20170817. Researchers have identified multiple vulnerabilities where there is a lack of proper validation of the length of user-supplied data prior to copying it to the heap-based buffer, whic...
Advantech Webaccess
7.5
CVSSv3
CVE-2017-12710
A SQL Injection issue exists in Advantech WebAccess versions prior to V8.2_20170817. By submitting a specially crafted parameter, it is possible to inject arbitrary SQL statements that could allow an malicious user to obtain sensitive information.
Advantech Webaccess
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-33545
CVE-2024-35725
CVE-2024-32704
overflow
file upload
CVE-2024-0230
CVE-2024-32705
CVE-2024-23692
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »