Vulnerabilities > Advantech > Medium

DATE CVE VULNERABILITY TITLE RISK
2021-02-23 CVE-2020-25161 Externally Controlled Reference to a Resource in Another Sphere vulnerability in Advantech Webaccess/Scada
The WADashboard component of WebAccess/SCADA Versions 9.0 and prior may allow an attacker to control or influence a path used in an operation on the filesystem and remotely execute code as an administrator.
network
low complexity
advantech CWE-610
6.5
2021-02-17 CVE-2020-13550 Path Traversal vulnerability in Advantech Webaccess/Scada 9.0.1
A local file inclusion vulnerability exists in the installation functionality of Advantech WebAccess/SCADA 9.0.1.
network
low complexity
advantech CWE-22
4.0
2021-02-11 CVE-2021-22656 Path Traversal vulnerability in Advantech Iview 5.6
Advantech iView versions prior to v5.7.03.6112 are vulnerable to directory traversal, which may allow an attacker to read sensitive files.
network
low complexity
advantech CWE-22
5.0
2021-02-11 CVE-2021-22654 SQL Injection vulnerability in Advantech Iview 5.6
Advantech iView versions prior to v5.7.03.6112 are vulnerable to a SQL injection, which may allow an unauthorized attacker to disclose information.
network
low complexity
advantech CWE-89
5.0
2020-10-20 CVE-2020-25157 SQL Injection vulnerability in Advantech R-Seenet
The R-SeeNet webpage (1.5.1 through 2.4.10) suffers from SQL injection, which allows a remote attacker to invoke queries on the database and retrieve sensitive information.
network
low complexity
advantech CWE-89
5.0
2020-08-06 CVE-2020-16211 Out-of-bounds Read vulnerability in Advantech Webaccess/Hmi Designer 2.1/2.1.9.31
Advantech WebAccess HMI Designer, Versions 2.1.9.31 and prior.
local
low complexity
advantech CWE-125
5.5
2020-07-15 CVE-2020-14501 Missing Authentication for Critical Function vulnerability in Advantech Iview 5.6
Advantech iView, versions 5.6 and prior, has an improper authentication for critical function (CWE-306) issue.
network
low complexity
advantech CWE-306
5.0
2020-07-15 CVE-2020-14499 Unspecified vulnerability in Advantech Iview 5.6
Advantech iView, versions 5.6 and prior, has an improper access control vulnerability.
network
low complexity
advantech
5.0
2020-05-08 CVE-2020-12026 Path Traversal vulnerability in Advantech Webaccess
Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0.
network
low complexity
advantech CWE-22
6.5
2020-05-08 CVE-2020-12018 Out-of-bounds Read vulnerability in Advantech Webaccess
Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0.
network
low complexity
advantech CWE-125
5.0