Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
advantech vulnerabilities and exploits
(subscribe to this query)
1000
VMScore
CVE-2018-6911
The VBWinExec function in Node\AspVBObj.dll in Advantech WebAccess 8.3.0 allows remote malicious users to execute arbitrary OS commands via a single argument (aka the command parameter).
Advantech Webaccess 8.3.0
1 EDB exploit
1000
VMScore
CVE-2017-16720
A Path Traversal issue exists in WebAccess versions 8.3.2 and previous versions. An attacker has access to files within the directory structure of the target device.
Advantech Webaccess
1 EDB exploit
1000
VMScore
CVE-2016-0854
Unrestricted file upload vulnerability in the uploadImageCommon function in the UploadAjaxAction script in the WebAccess Dashboard Viewer in Advantech WebAccess prior to 8.1 allows remote malicious users to write to files of arbitrary types via unspecified vectors.
Advantech Webaccess
1 EDB exploit
1000
VMScore
CVE-2014-9208
Multiple stack-based buffer overflows in unspecified DLL files in Advantech WebAccess prior to 8.0.1 allow remote malicious users to execute arbitrary code via unknown vectors.
Advantech Webaccess
1 EDB exploit
1000
VMScore
CVE-2012-0242
Format string vulnerability in Advantech/BroadWin WebAccess prior to 7.0 allows remote malicious users to execute arbitrary code via format string specifiers in a message string.
Advantech Advantech Webaccess 5.0
Advantech Advantech Webaccess
1 EDB exploit
1000
VMScore
CVE-2011-4041
webvrpcs.exe in Advantech/BroadWin WebAccess allows remote malicious users to execute arbitrary code or obtain a security-code value via a long string in an RPC request to TCP port 4592.
Broadwin Webaccess
1 EDB exploit
935
VMScore
CVE-2011-0340
Multiple buffer overflows in the ISSymbol ActiveX control in ISSymbol.ocx 61.6.0.0 and 301.1009.2904.0 in the ISSymbol virtual machine, as distributed in Advantech Studio 6.1 SP6 61.6.01.05, InduSoft Web Studio prior to 7.0+SP1, and InduSoft Thin Client 7.0, allow remote maliciou...
Indusoft Web Studio
Indusoft Web Studio 6.1
Indusoft Thin Client 7.0
Advantech Advantech Studio 6.1
1 EDB exploit
905
VMScore
CVE-2014-8387
cgi/utility.cgi in Advantech EKI-6340 2.05 Wi-Fi Mesh Access Point allows remote authenticated users to execute arbitrary commands via shell metacharacters in the pinghost parameter to ping.cgi.
Advantech Eki-6340 Firmware 2.05
Advantech Eki-6340 -
1 EDB exploit
891
VMScore
CVE-2016-0856
Multiple stack-based buffer overflows in Advantech WebAccess prior to 8.1 allow remote malicious users to execute arbitrary code via unspecified vectors.
Advantech Webaccess
890
VMScore
CVE-2021-21805
An OS Command Injection vulnerability exists in the ping.php script functionality of Advantech R-SeeNet v 2.4.12 (20.10.2020). A specially crafted HTTP request can lead to arbitrary OS command execution. An attacker can send a crafted HTTP request to trigger this vulnerability.
Advantech R-seenet 2.4.12
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
client side
CVE-2023-31889
template injection
CVE-2024-4304
CVE-2006-4304
CVE-2024-33272
type confusion
CVE-2024-21345
CVE-2024-33271
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »