Vulnerabilities > Advantech > Critical

DATE CVE VULNERABILITY TITLE RISK
2015-02-13 CVE-2014-8385 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Advantech Eki-1200 Gateway Series Firmware
Buffer overflow on Advantech EKI-1200 gateways with firmware before 1.63 allows remote attackers to execute arbitrary code via unspecified vectors.
network
low complexity
advantech CWE-119
critical
10.0
2014-11-20 CVE-2014-8387 OS Command Injection vulnerability in Advantech Eki-6340 and Eki-6340 Firmware
cgi/utility.cgi in Advantech EKI-6340 2.05 Wi-Fi Mesh Access Point allows remote authenticated users to execute arbitrary commands via shell metacharacters in the pinghost parameter to ping.cgi.
network
low complexity
advantech CWE-78
critical
9.0
2012-02-21 CVE-2012-0243 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Advantech Webaccess 5.0/6.0
Buffer overflow in an ActiveX control in bwocxrun.ocx in Advantech/BroadWin WebAccess before 7.0 allows remote attackers to execute arbitrary code by leveraging the ability to write arbitrary content to any pathname.
network
low complexity
advantech CWE-119
critical
10.0
2012-02-21 CVE-2012-0242 USE of Externally-Controlled Format String vulnerability in Advantech Webaccess 5.0/6.0
Format string vulnerability in Advantech/BroadWin WebAccess before 7.0 allows remote attackers to execute arbitrary code via format string specifiers in a message string.
network
low complexity
advantech CWE-134
critical
10.0
2012-02-21 CVE-2012-0240 Improper Authentication vulnerability in Advantech Webaccess 5.0/6.0
GbScriptAddUp.asp in Advantech/BroadWin WebAccess before 7.0 does not properly perform authentication, which allows remote attackers to execute arbitrary code via unspecified vectors.
network
low complexity
advantech CWE-287
critical
10.0
2012-02-21 CVE-2012-0238 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Advantech Webaccess 5.0/6.0
Stack-based buffer overflow in opcImg.asp in Advantech/BroadWin WebAccess before 7.0 allows remote attackers to execute arbitrary code via unspecified vectors.
network
low complexity
advantech CWE-119
critical
10.0
2012-02-21 CVE-2011-4526 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Advantech Webaccess 5.0/6.0
Buffer overflow in an ActiveX control in Advantech/BroadWin WebAccess before 7.0 might allow remote attackers to execute arbitrary code via a long string value in unspecified parameters.
network
low complexity
advantech CWE-119
critical
10.0
2012-02-21 CVE-2011-4525 Permissions, Privileges, and Access Controls vulnerability in Advantech Webaccess 5.0/6.0
Advantech/BroadWin WebAccess before 7.0 allows remote attackers to trigger the extraction of arbitrary web content into a batch file on a client system, and execute this batch file, via unspecified vectors.
network
low complexity
advantech CWE-264
critical
10.0
2012-02-21 CVE-2011-4524 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Advantech Webaccess 5.0/6.0
Buffer overflow in Advantech/BroadWin WebAccess before 7.0 allows remote attackers to execute arbitrary code via a long string value in unspecified parameters.
network
low complexity
advantech CWE-119
critical
10.0
2012-02-21 CVE-2011-1914 Buffer Errors vulnerability in Advantech products
Buffer overflow in the Advantech ADAM OLE for Process Control (OPC) Server ActiveX control in ADAM OPC Server before 3.01.012, Modbus RTU OPC Server before 3.01.010, and Modbus TCP OPC Server before 3.01.010 allows remote attackers to execute arbitrary code via unspecified vectors.
network
low complexity
advantech CWE-119
critical
10.0