Vulnerabilities > Advantech > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2015-02-13 | CVE-2014-8385 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Advantech Eki-1200 Gateway Series Firmware Buffer overflow on Advantech EKI-1200 gateways with firmware before 1.63 allows remote attackers to execute arbitrary code via unspecified vectors. | 10.0 |
| 2014-11-20 | CVE-2014-8387 | OS Command Injection vulnerability in Advantech Eki-6340 and Eki-6340 Firmware cgi/utility.cgi in Advantech EKI-6340 2.05 Wi-Fi Mesh Access Point allows remote authenticated users to execute arbitrary commands via shell metacharacters in the pinghost parameter to ping.cgi. | 9.0 |
| 2012-02-21 | CVE-2012-0243 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Advantech Webaccess 5.0/6.0 Buffer overflow in an ActiveX control in bwocxrun.ocx in Advantech/BroadWin WebAccess before 7.0 allows remote attackers to execute arbitrary code by leveraging the ability to write arbitrary content to any pathname. | 10.0 |
| 2012-02-21 | CVE-2012-0242 | USE of Externally-Controlled Format String vulnerability in Advantech Webaccess 5.0/6.0 Format string vulnerability in Advantech/BroadWin WebAccess before 7.0 allows remote attackers to execute arbitrary code via format string specifiers in a message string. | 10.0 |
| 2012-02-21 | CVE-2012-0240 | Improper Authentication vulnerability in Advantech Webaccess 5.0/6.0 GbScriptAddUp.asp in Advantech/BroadWin WebAccess before 7.0 does not properly perform authentication, which allows remote attackers to execute arbitrary code via unspecified vectors. | 10.0 |
| 2012-02-21 | CVE-2012-0238 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Advantech Webaccess 5.0/6.0 Stack-based buffer overflow in opcImg.asp in Advantech/BroadWin WebAccess before 7.0 allows remote attackers to execute arbitrary code via unspecified vectors. | 10.0 |
| 2012-02-21 | CVE-2011-4526 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Advantech Webaccess 5.0/6.0 Buffer overflow in an ActiveX control in Advantech/BroadWin WebAccess before 7.0 might allow remote attackers to execute arbitrary code via a long string value in unspecified parameters. | 10.0 |
| 2012-02-21 | CVE-2011-4525 | Permissions, Privileges, and Access Controls vulnerability in Advantech Webaccess 5.0/6.0 Advantech/BroadWin WebAccess before 7.0 allows remote attackers to trigger the extraction of arbitrary web content into a batch file on a client system, and execute this batch file, via unspecified vectors. | 10.0 |
| 2012-02-21 | CVE-2011-4524 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Advantech Webaccess 5.0/6.0 Buffer overflow in Advantech/BroadWin WebAccess before 7.0 allows remote attackers to execute arbitrary code via a long string value in unspecified parameters. | 10.0 |
| 2012-02-21 | CVE-2011-1914 | Buffer Errors vulnerability in Advantech products Buffer overflow in the Advantech ADAM OLE for Process Control (OPC) Server ActiveX control in ADAM OPC Server before 3.01.012, Modbus RTU OPC Server before 3.01.010, and Modbus TCP OPC Server before 3.01.010 allows remote attackers to execute arbitrary code via unspecified vectors. | 10.0 |