Vulnerabilities > Advantech > High

DATE CVE VULNERABILITY TITLE RISK
2020-06-15 CVE-2020-12019 Out-of-bounds Write vulnerability in Advantech Webaccess
WebAccess Node Version 8.4.4 and prior is vulnerable to a stack-based buffer overflow, which may allow an attacker to remotely execute arbitrary code.
network
low complexity
advantech CWE-787
7.5
7.5
2020-05-08 CVE-2020-12022 Improper Validation of Array Index vulnerability in Advantech Webaccess
Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0.
network
low complexity
advantech CWE-129
7.5
7.5
2020-05-08 CVE-2020-12006 Path Traversal vulnerability in Advantech Webaccess
Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0.
network
low complexity
advantech CWE-22
7.5
7.5
2020-05-08 CVE-2020-12002 Out-of-bounds Write vulnerability in Advantech Webaccess
Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0.
network
low complexity
advantech CWE-787
7.5
7.5
2020-05-08 CVE-2020-10638 Out-of-bounds Write vulnerability in Advantech Webaccess
Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0.
network
low complexity
advantech CWE-787
7.5
7.5
2020-04-09 CVE-2020-10631 Path Traversal vulnerability in Advantech Webaccess/Nms
An attacker could use a specially crafted URL to delete or read files outside the WebAccess/NMS's (versions prior to 3.0.2) control.
network
low complexity
advantech CWE-22
7.5
7.5
2020-04-09 CVE-2020-10625 Missing Authentication for Critical Function vulnerability in Advantech Webaccess/Nms
WebAccess/NMS (versions prior to 3.0.2) allows an unauthenticated remote user to create a new admin account.
network
low complexity
advantech CWE-306
7.5
7.5
2019-12-17 CVE-2019-18257 Out-of-bounds Write vulnerability in Advantech Diaganywhere 3.07.11
In Advantech DiagAnywhere Server, Versions 3.07.11 and prior, multiple stack-based buffer overflow vulnerabilities exist in the file transfer service listening on the TCP port.
network
low complexity
advantech CWE-787
7.5
7.5
2019-12-12 CVE-2019-3951 Out-of-bounds Write vulnerability in Advantech Webaccess
Advantech WebAccess before 8.4.3 allows unauthenticated remote attackers to execute arbitrary code or cause a denial of service (memory corruption) due to a stack-based buffer overflow when handling IOCTL 70533 RPC messages.
network
low complexity
advantech CWE-787
7.5
7.5
2019-09-10 CVE-2019-3975 Classic Buffer Overflow vulnerability in Advantech Webaccess 8.4.1
Stack-based buffer overflow in Advantech WebAccess/SCADA 8.4.1 allows a remote, unauthenticated attacker to execute arbitrary code via a crafted IOCTL 70603 RPC message.
network
low complexity
advantech CWE-120
7.5
7.5