Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
webaccess vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2018-15704
Advantech WebAccess 8.3.2 and below is vulnerable to a stack buffer overflow vulnerability. A remote authenticated attacker could potentially exploit this vulnerability by sending a crafted HTTP request to broadweb/system/opcImg.asp.
Advantech Webaccess
9.8
CVSSv3
CVE-2019-13550
In WebAccess, versions 8.4.1 and prior, an improper authorization vulnerability may allow an malicious user to disclose sensitive information, cause improper control of generation of code, which may allow remote code execution or cause a system crash.
Advantech Webaccess
8.8
CVSSv3
CVE-2019-13552
In WebAccess versions 8.4.1 and prior, multiple command injection vulnerabilities are caused by a lack of proper validation of user-supplied data and may allow arbitrary file deletion and remote code execution.
Advantech Webaccess
8.8
CVSSv3
CVE-2019-13556
In WebAccess versions 8.4.1 and prior, multiple stack-based buffer overflow vulnerabilities are caused by a lack of proper validation of the length of user-supplied data. Exploitation of these vulnerabilities may allow remote code execution.
Advantech Webaccess
9.8
CVSSv3
CVE-2019-13558
In WebAccess versions 8.4.1 and prior, an exploit executed over the network may cause improper control of generation of code, which may allow remote code execution, data exfiltration, or cause a system crash.
Advantech Webaccess
6.6
CVSSv3
CVE-2016-4525
Unspecified ActiveX controls in Advantech WebAccess prior to 8.1_20160519 allow remote authenticated users to obtain sensitive information or modify data via unknown vectors, related to the INTERFACESAFE_FOR_UNTRUSTED_CALLER (aka safe for scripting) flag.
Advantech Webaccess
6.3
CVSSv3
CVE-2017-14016
A Stack-based Buffer Overflow issue exists in Advantech WebAccess versions prior to V8.2_20170817. The application lacks proper validation of the length of user-supplied data prior to copying it to a stack-based buffer, which could allow an malicious user to execute arbitrary cod...
Advantech Webaccess
1 EDB exploit
8.8
CVSSv3
CVE-2020-10607
In Advantech WebAccess, Versions 8.4.2 and prior. A stack-based buffer overflow vulnerability caused by a lack of proper validation of the length of user-supplied data may allow remote code execution.
Advantech Webaccess
5.3
CVSSv3
CVE-2015-3943
Advantech WebAccess prior to 8.1 allows remote malicious users to read sensitive cleartext information about e-mail project accounts via unspecified vectors.
Advantech Webaccess
1 Github repository
NA
CVE-2014-8388
Stack-based buffer overflow in Advantech WebAccess, formerly BroadWin WebAccess, prior to 8.0 allows remote malicious users to execute arbitrary code via a crafted ip_address parameter in an HTML document.
Advantech Webaccess
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »