Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
advantech vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2021-32954
Advantech WebAccess/SCADA Versions 9.0.1 and prior is vulnerable to a directory traversal, which may allow an malicious user to remotely read arbitrary files on the file system.
Advantech Webaccess/scada
7.5
CVSSv2
CVE-2021-32930
The affected product’s configuration is vulnerable due to missing authentication, which may allow an malicious user to change configurations and execute arbitrary code on the iView (versions prior to v5.7.03.6182).
Advantech Iview
5
CVSSv2
CVE-2021-32932
The affected product is vulnerable to a SQL injection, which may allow an unauthorized malicious user to disclose information on the iView (versions prior to v5.7.03.6182).
Advantech Iview
4.3
CVSSv2
CVE-2021-34540
Advantech WebAccess 8.4.2 and 8.4.4 allows XSS via the username column of the bwRoot.asp page of WADashboard.
Advantech Webaccess 8.4.4
Advantech Webaccess 8.4.2
6.4
CVSSv2
CVE-2021-27437
The affected product allows malicious users to obtain sensitive information from the WISE-PaaS dashboard. The system contains a hard-coded administrator username and password that can be used to query Grafana APIs. Authentication is not required for exploitation on the WISE-PaaS/...
Advantech Wise-paas/rmm
9
CVSSv2
CVE-2021-22669
Incorrect permissions are set to default on the ‘Project Management’ page of WebAccess/SCADA portal of WebAccess/SCADA Versions 9.0.1 and prior, which may allow a low-privileged user to update an administrator’s password and login as an administrator to escalate...
Advantech Webaccess/scada
4.3
CVSSv2
CVE-2021-27436
WebAccess/SCADA Versions 9.0 and prior is vulnerable to cross-site scripting, which may allow an malicious user to send malicious JavaScript code to an unsuspecting user, which could result in hijacking of the user’s cookie/session tokens, redirecting the user to a maliciou...
Advantech Webaccess/scada
7.5
CVSSv2
CVE-2019-18235
Advantech Spectre RT ERT351 Versions 5.1.3 and prior has insufficient login authentication parameters required for the web application may allow an malicious user to gain full access using a brute-force password attack.
Advantech Spectre Rt Ert351 Firmware
5
CVSSv2
CVE-2019-18231
Advantech Spectre RT ERT351 Versions 5.1.3 and prior logins and passwords are transmitted in clear text form, which may allow an malicious user to intercept the request.
Advantech Spectre Rt Ert351 Firmware
4.3
CVSSv2
CVE-2019-18233
In Advantech Spectre RT Industrial Routers ERT351 5.1.3 and prior, the affected product does not neutralize special characters in the error response, allowing malicious users to use a reflected XSS attack.
Advantech Spectre Rt Ert351 Firmware
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3080
log injection
CVE-2024-6041
CVE-2024-37661
XML external entity
CVE-2024-0845
privilege escalation
CVE-2023-37057
CVE-2024-27801
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »