Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
webaccess vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2021-33023
Advantech WebAccess versions 9.02 and prior are vulnerable to a heap-based buffer overflow, which may allow an malicious user to remotely execute code.
Advantech Webaccess
7.5
CVSSv2
CVE-2021-38389
Advantech WebAccess versions 9.02 and prior are vulnerable to a stack-based buffer overflow, which may allow an malicious user to remotely execute code.
Advantech Webaccess
4
CVSSv2
CVE-2021-38431
An authenticated user using Advantech WebAccess SCADA in versions 9.0.3 and prior can use API functions to disclose project names and paths from other users.
Advantech Webaccess Scada
7.5
CVSSv2
CVE-2021-38408
A stack-based buffer overflow vulnerability in Advantech WebAccess Versions 9.02 and prior caused by a lack of proper validation of the length of user-supplied data may allow remote code execution.
Advantech Webaccess
7.5
CVSSv2
CVE-2021-32943
The affected product is vulnerable to a stack-based buffer overflow, which may allow an malicious user to remotely execute arbitrary code on the WebAccess/SCADA (WebAccess/SCADA versions before 8.4.5, WebAccess/SCADA versions before 9.0.1).
Advantech Webaccess\\/scada
4.3
CVSSv2
CVE-2021-22676
UserExcelOut.asp within WebAccess/SCADA is vulnerable to cross-site scripting (XSS), which could allow an malicious user to send malicious JavaScript code. This could result in hijacking of cookie/session tokens, redirection to a malicious webpage, and unintended browser action o...
Advantech Webaccess\\/scada
4
CVSSv2
CVE-2021-22674
The affected product is vulnerable to a relative path traversal condition, which may allow an attacker access to unauthorized files and directories on the WebAccess/SCADA (WebAccess/SCADA versions before 8.4.5, WebAccess/SCADA versions before 9.0.1).
Advantech Webaccess\\/scada
6.8
CVSSv2
CVE-2021-33004
The affected product is vulnerable to memory corruption condition due to lack of proper validation of user supplied files, which may allow an malicious user to execute arbitrary code. User interaction is required on the WebAccess HMI Designer (versions 2.1.9.95 and prior).
Advantech Webaccess\\/hmi Designer
6.8
CVSSv2
CVE-2021-33000
Parsing a maliciously crafted project file may cause a heap-based buffer overflow, which may allow an malicious user to perform arbitrary code execution. User interaction is required on the WebAccess HMI Designer (versions 2.1.9.95 and prior).
Advantech Webaccess\\/hmi Designer
6.8
CVSSv2
CVE-2021-33002
Opening a maliciously crafted project file may cause an out-of-bounds write, which may allow an malicious user to execute arbitrary code. User interaction is require on the WebAccess HMI Designer (versions 2.1.9.95 and prior).
Advantech Webaccess\\/hmi Designer
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »