Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
advantech vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2021-32930
The affected product’s configuration is vulnerable due to missing authentication, which may allow an malicious user to change configurations and execute arbitrary code on the iView (versions prior to v5.7.03.6182).
Advantech Iview
7.5
CVSSv3
CVE-2021-32932
The affected product is vulnerable to a SQL injection, which may allow an unauthorized malicious user to disclose information on the iView (versions prior to v5.7.03.6182).
Advantech Iview
6.1
CVSSv3
CVE-2021-34540
Advantech WebAccess 8.4.2 and 8.4.4 allows XSS via the username column of the bwRoot.asp page of WADashboard.
Advantech Webaccess 8.4.2
Advantech Webaccess 8.4.4
6.1
CVSSv3
CVE-2021-27436
WebAccess/SCADA Versions 9.0 and prior is vulnerable to cross-site scripting, which may allow an malicious user to send malicious JavaScript code to an unsuspecting user, which could result in hijacking of the user’s cookie/session tokens, redirecting the user to a maliciou...
Advantech Webaccess\\/scada
7.5
CVSSv3
CVE-2019-18231
Advantech Spectre RT ERT351 Versions 5.1.3 and prior logins and passwords are transmitted in clear text form, which may allow an malicious user to intercept the request.
Advantech Spectre Rt Ert351 Firmware
9.8
CVSSv3
CVE-2019-18235
Advantech Spectre RT ERT351 Versions 5.1.3 and prior has insufficient login authentication parameters required for the web application may allow an malicious user to gain full access using a brute-force password attack.
Advantech Spectre Rt Ert351 Firmware
6.1
CVSSv3
CVE-2019-18233
In Advantech Spectre RT Industrial Routers ERT351 5.1.3 and prior, the affected product does not neutralize special characters in the error response, allowing malicious users to use a reflected XSS attack.
Advantech Spectre Rt Ert351 Firmware
7.8
CVSSv3
CVE-2020-13554
An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. In webvrpcs Run Key Privilege Escalation in installation folder of WebAccess, an attacker can either replace binary or loaded modules to e...
Advantech Webaccess\\/scada 9.0.1
9.8
CVSSv3
CVE-2021-22667
BB-ESWGP506-2SFP-T versions 1.01.09 and prior is vulnerable due to the use of hard-coded credentials, which may allow an malicious user to gain unauthorized access and permit the execution of arbitrary code on the BB-ESWGP506-2SFP-T (versions 1.01.01 and prior).
Advantech Bb-eswgp506-2sfp-t Firmware
8.8
CVSSv3
CVE-2020-25161
The WADashboard component of WebAccess/SCADA Versions 9.0 and prior may allow an malicious user to control or influence a path used in an operation on the filesystem and remotely execute code as an administrator.
Advantech Webaccess\\/scada
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »