Vulnerabilities > Advantech > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-05-08 | CVE-2020-12014 | SQL Injection vulnerability in Advantech Webaccess Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. | 7.5 |
| 2020-05-08 | CVE-2020-12010 | Path Traversal vulnerability in Advantech Webaccess Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. | 7.1 |
| 2020-04-09 | CVE-2020-10629 | XXE vulnerability in Advantech Webaccess/Nms 2.0.3 WebAccess/NMS (versions prior to 3.0.2) does not sanitize XML input. | 7.5 |
| 2020-04-09 | CVE-2020-10617 | SQL Injection vulnerability in Advantech Webaccess/Nms 2.0.3 There are multiple ways an unauthenticated attacker could perform SQL injection on WebAccess/NMS (versions prior to 3.0.2) to gain access to sensitive information. | 7.5 |
| 2020-04-09 | CVE-2020-10603 | OS Command Injection vulnerability in Advantech Webaccess/Nms 2.0.3 WebAccess/NMS (versions prior to 3.0.2) does not properly sanitize user input and may allow an attacker to inject system commands remotely. | 8.8 |
| 2020-04-01 | CVE-2019-3942 | Insufficiently Protected Credentials vulnerability in Advantech Webaccess 8.3.4 Advantech WebAccess 8.3.4 does not properly restrict an RPC call that allows unauthenticated, remote users to read files. | 7.5 |
| 2020-03-27 | CVE-2020-10607 | Out-of-bounds Write vulnerability in Advantech Webaccess In Advantech WebAccess, Versions 8.4.2 and prior. | 8.8 |
| 2019-10-31 | CVE-2019-18227 | XXE vulnerability in Advantech Wise-Paas/Rmm 3.3.29 Advantech WISE-PaaS/RMM, Versions 3.3.29 and prior. | 7.5 |
| 2019-09-26 | CVE-2019-16901 | Improper Handling of Exceptional Conditions vulnerability in Advantech Webaccess/Hmi Designer 2.1.9.31 Advantech WebAccess/HMI Designer 2.1.9.31 has Exception Handler Chain corruption starting at Unknown Symbol @ 0x0000000000000000 called from ntdll!RtlRaiseStatus+0x00000000000000b4. | 7.5 |
| 2019-09-26 | CVE-2019-16900 | Unspecified vulnerability in Advantech Webaccess/Hmi Designer 2.1.9.31 Advantech WebAccess/HMI Designer 2.1.9.31 has a User Mode Write AV starting at MSVCR90!memcpy+0x000000000000015c. | 7.5 |