Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

advantech vulnerabilities and exploits

(subscribe to this query)

4
CVSSv2
CVE-2014-2366
upAdminPg.asp in Advantech WebAccess before 7.2 allows remote authenticated users to discover credentials by reading HTML source code....
Advantech Advantech Webaccess 5.0Advantech Advantech Webaccess 6.0Advantech Advantech Webaccess 7.0Advantech Advantech Webaccess
6.4
CVSSv2
CVE-2012-0237
Advantech/BroadWin WebAccess before 7.0 allows remote attackers to (1) enable date and time syncing or (2) disable date and time syncing via a crafted URL....
Advantech Advantech Webaccess 5.0Advantech Advantech Webaccess
10
CVSSv2
CVE-2011-4526
Buffer overflow in an ActiveX control in Advantech/BroadWin WebAccess before 7.0 might allow remote attackers to execute arbitrary code via a long string value in unspecified parameters....
Advantech Advantech Webaccess 5.0Advantech Advantech Webaccess
7.5
CVSSv2
CVE-2014-0770
Stack-based buffer overflow in Advantech WebAccess before 7.2 allows remote attackers to execute arbitrary code via a long UserName parameter....
Advantech Advantech Webaccess 5.0Advantech Advantech Webaccess 6.0Advantech Advantech Webaccess 7.0Advantech Advantech Webaccess
5
CVSSv2
CVE-2014-0771
The OpenUrlToBuffer method in the BWOCXRUN.BwocxrunCtrl.1 ActiveX control in bwocxrun.ocx in Advantech WebAccess before 7.2 allows remote attackers to read arbitrary files via a file: URL....
Advantech Advantech Webaccess 5.0Advantech Advantech Webaccess 6.0Advantech Advantech Webaccess 7.0Advantech Advantech Webaccess
7.5
CVSSv2
CVE-2018-7505
In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and WebAccess/NMS 2.0.3 and prior, a TFTP application has unrestricted file uploads to the...
Advantech WebaccessAdvantech Webaccess DashboardAdvantech Webaccess ScadaAdvantech Webaccess\\/nms
7.5
CVSSv2
CVE-2018-7497
In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and WebAccess/NMS 2.0.3 and prior, several untrusted pointer dereference vulnerabilities...
Advantech WebaccessAdvantech Webaccess DashboardAdvantech Webaccess ScadaAdvantech Webaccess\\/nms
5
CVSSv2
CVE-2014-2368
The BrowseFolder method in the bwocxrun ActiveX control in Advantech WebAccess before 7.2 allows remote attackers to read arbitrary files via a crafted call....
Advantech Advantech Webaccess 5.0Advantech Advantech Webaccess 6.0Advantech Advantech Webaccess 7.0Advantech Advantech Webaccess
7.5
CVSSv2
CVE-2014-0766
Stack-based buffer overflow in Advantech WebAccess before 7.2 allows remote attackers to execute arbitrary code via a long NodeName2 argument....
Advantech Advantech Webaccess 5.0Advantech Advantech Webaccess 6.0Advantech Advantech Webaccess 7.0Advantech Advantech Webaccess
7.5
CVSSv2
CVE-2014-0768
Stack-based buffer overflow in Advantech WebAccess before 7.2 allows remote attackers to execute arbitrary code via a long AccessCode2 argument....
Advantech Advantech Webaccess 5.0Advantech Advantech Webaccess 6.0Advantech Advantech Webaccess 7.0Advantech Advantech Webaccess
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-24686CVE-2021-21298CVE-2021-69420server-side request forgeryCVE-2021-23957microsoftSSTI.netSQLCVE-2021-21273CVE-2021-25281