Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
webaccess vulnerabilities and exploits
(subscribe to this query)
9.1
CVSSv3
CVE-2019-10985
In WebAccess/SCADA, Versions 8.3.5 and prior, a path traversal vulnerability is caused by a lack of proper validation of a user-supplied path prior to use in file operations. An attacker can leverage this vulnerability to delete files while posing as an administrator.
Advantech Webaccess
9.1
CVSSv3
CVE-2017-5152
An issue exists in Advantech WebAccess Version 8.1. By accessing a specific uniform resource locator (URL) on the web server, a malicious user is able to access pages unrestricted (AUTHENTICATION BYPASS).
Advantech Webaccess 8.1
8.8
CVSSv3
CVE-2021-22669
Incorrect permissions are set to default on the ‘Project Management’ page of WebAccess/SCADA portal of WebAccess/SCADA Versions 9.0.1 and prior, which may allow a low-privileged user to update an administrator’s password and login as an administrator to escalate...
8.8
CVSSv3
CVE-2020-25161
The WADashboard component of WebAccess/SCADA Versions 9.0 and prior may allow an malicious user to control or influence a path used in an operation on the filesystem and remotely execute code as an administrator.
Advantech Webaccess\\/scada
8.8
CVSSv3
CVE-2020-13551
An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. In privilege escalation via PostgreSQL executable, an attacker can either replace binary or loaded modules to execute code with NT SYSTEM ...
Advantech Webaccess\\/scada 9.0.1
8.8
CVSSv3
CVE-2020-13552
An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. In privilege escalation via multiple service executables in installation folder of WebAccess, an attacker can either replace binary or loa...
Advantech Webaccess\\/scada 9.0.1
8.8
CVSSv3
CVE-2020-13553
An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. In webvrpcs Run Key Privilege Escalation in installation folder of WebAccess, an attacker can either replace binary or loaded modules to e...
Advantech Webaccess\\/scada 9.0.1
8.8
CVSSv3
CVE-2020-13555
An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. In COM Server Application Privilege Escalation, an attacker can either replace binary or loaded modules to execute code with NT SYSTEM pri...
Advantech Webaccess\\/scada 9.0.1
8.8
CVSSv3
CVE-2020-12026
Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Multiple relative path traversal vulnerabilities exist that may allow a low privilege user to overwrite files outside the application’s control.
Advantech Webaccess
Advantech Webaccess 9.0.0
8.8
CVSSv3
CVE-2020-10603
WebAccess/NMS (versions before 3.0.2) does not properly sanitize user input and may allow an malicious user to inject system commands remotely.
Advantech Webaccess\\/nms
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »