Vulnerabilities > Advantech

DATE CVE VULNERABILITY TITLE RISK
2021-08-05 CVE-2021-21805 OS Command Injection vulnerability in Advantech R-Seenet 2.4.12
An OS Command Injection vulnerability exists in the ping.php script functionality of Advantech R-SeeNet v 2.4.12 (20.10.2020).
network
low complexity
advantech CWE-78
critical
10.0
2021-07-16 CVE-2021-21804 Inclusion of Functionality from Untrusted Control Sphere vulnerability in Advantech R-Seenet 2.4.12
A local file inclusion (LFI) vulnerability exists in the options.php script functionality of Advantech R-SeeNet v 2.4.12 (20.10.2020).
network
low complexity
advantech CWE-829
7.5
2021-07-16 CVE-2021-21803 Cross-site Scripting vulnerability in Advantech R-Seenet 2.4.12
This vulnerability is present in device_graph_page.php script, which is a part of the Advantech R-SeeNet web applications.
network
advantech CWE-79
4.3
2021-07-16 CVE-2021-21802 Cross-site Scripting vulnerability in Advantech R-Seenet 2.4.12
This vulnerability is present in device_graph_page.php script, which is a part of the Advantech R-SeeNet web applications.
network
advantech CWE-79
4.3
2021-07-16 CVE-2021-21801 Cross-site Scripting vulnerability in Advantech R-Seenet 2.4.12
This vulnerability is present in device_graph_page.php script, which is a part of the Advantech R-SeeNet web applications.
network
advantech CWE-79
4.3
2021-07-16 CVE-2021-21800 Cross-site Scripting vulnerability in Advantech R-Seenet 2.4.12
Cross-site scripting vulnerabilities exist in the ssh_form.php script functionality of Advantech R-SeeNet v 2.4.12 (20.10.2020).
network
advantech CWE-79
4.3
2021-07-16 CVE-2021-21799 Cross-site Scripting vulnerability in Advantech R-Seenet 2.4.12
Cross-site scripting vulnerabilities exist in the telnet_form.php script functionality of Advantech R-SeeNet v 2.4.12 (20.10.2020).
network
advantech CWE-79
4.3
2021-06-24 CVE-2021-33004 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Advantech Webaccess/Hmi Designer 2.1/2.1.9.31
The affected product is vulnerable to memory corruption condition due to lack of proper validation of user supplied files, which may allow an attacker to execute arbitrary code.
network
advantech CWE-119
6.8
2021-06-24 CVE-2021-33002 Out-of-bounds Write vulnerability in Advantech Webaccess/Hmi Designer 2.1/2.1.9.31
Opening a maliciously crafted project file may cause an out-of-bounds write, which may allow an attacker to execute arbitrary code.
network
advantech CWE-787
6.8
2021-06-24 CVE-2021-33000 Out-of-bounds Write vulnerability in Advantech Webaccess/Hmi Designer 2.1/2.1.9.31
Parsing a maliciously crafted project file may cause a heap-based buffer overflow, which may allow an attacker to perform arbitrary code execution.
network
advantech CWE-787
6.8