Vulnerabilities > Advantech > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-02-23 | CVE-2020-25161 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Advantech Webaccess/Scada The WADashboard component of WebAccess/SCADA Versions 9.0 and prior may allow an attacker to control or influence a path used in an operation on the filesystem and remotely execute code as an administrator. | 6.5 |
| 2021-02-17 | CVE-2020-13550 | Path Traversal vulnerability in Advantech Webaccess/Scada 9.0.1 A local file inclusion vulnerability exists in the installation functionality of Advantech WebAccess/SCADA 9.0.1. | 4.0 |
| 2021-02-11 | CVE-2021-22656 | Path Traversal vulnerability in Advantech Iview 5.6 Advantech iView versions prior to v5.7.03.6112 are vulnerable to directory traversal, which may allow an attacker to read sensitive files. | 5.0 |
| 2021-02-11 | CVE-2021-22654 | SQL Injection vulnerability in Advantech Iview 5.6 Advantech iView versions prior to v5.7.03.6112 are vulnerable to a SQL injection, which may allow an unauthorized attacker to disclose information. | 5.0 |
| 2020-10-20 | CVE-2020-25157 | SQL Injection vulnerability in Advantech R-Seenet The R-SeeNet webpage (1.5.1 through 2.4.10) suffers from SQL injection, which allows a remote attacker to invoke queries on the database and retrieve sensitive information. | 5.0 |
| 2020-08-06 | CVE-2020-16211 | Out-of-bounds Read vulnerability in Advantech Webaccess/Hmi Designer 2.1/2.1.9.31 Advantech WebAccess HMI Designer, Versions 2.1.9.31 and prior. | 5.5 |
| 2020-07-15 | CVE-2020-14501 | Missing Authentication for Critical Function vulnerability in Advantech Iview 5.6 Advantech iView, versions 5.6 and prior, has an improper authentication for critical function (CWE-306) issue. | 5.0 |
| 2020-07-15 | CVE-2020-14499 | Unspecified vulnerability in Advantech Iview 5.6 Advantech iView, versions 5.6 and prior, has an improper access control vulnerability. | 5.0 |
| 2020-05-08 | CVE-2020-12026 | Path Traversal vulnerability in Advantech Webaccess Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. | 6.5 |
| 2020-05-08 | CVE-2020-12018 | Out-of-bounds Read vulnerability in Advantech Webaccess Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. | 5.0 |