Vulnerabilities > Advantech > Webaccess
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-10-17 | CVE-2023-4215 | Unspecified vulnerability in Advantech Webaccess 9.1.3 Advantech WebAccess version 9.1.3 contains an exposure of sensitive information to an unauthorized actor vulnerability that could leak user credentials. | 7.5 |
2023-06-07 | CVE-2023-2866 | Insufficient Verification of Data Authenticity vulnerability in Advantech Webaccess 8.4.5 If an attacker can trick an authenticated user into loading a maliciously crafted .zip file onto Advantech WebAccess version 8.4.5, a web shell could be used to give the attacker full control of the SCADA server. | 7.8 |
2021-10-18 | CVE-2021-33023 | Out-of-bounds Write vulnerability in Advantech Webaccess Advantech WebAccess versions 9.02 and prior are vulnerable to a heap-based buffer overflow, which may allow an attacker to remotely execute code. | 9.8 |
2021-10-18 | CVE-2021-38389 | Out-of-bounds Write vulnerability in Advantech Webaccess Advantech WebAccess versions 9.02 and prior are vulnerable to a stack-based buffer overflow, which may allow an attacker to remotely execute code. | 9.8 |
2021-09-09 | CVE-2021-38408 | Unspecified vulnerability in Advantech Webaccess A stack-based buffer overflow vulnerability in Advantech WebAccess Versions 9.02 and prior caused by a lack of proper validation of the length of user-supplied data may allow remote code execution. | 9.8 |
2021-06-11 | CVE-2021-34540 | Cross-site Scripting vulnerability in Advantech Webaccess 8.4.2/8.4.4 Advantech WebAccess 8.4.2 and 8.4.4 allows XSS via the username column of the bwRoot.asp page of WADashboard. | 6.1 |
2020-09-22 | CVE-2020-16202 | Unspecified vulnerability in Advantech Webaccess WebAccess Node (All versions prior to 9.0.1) has incorrect permissions set for resources used by specific services, which may allow code execution with system privileges. | 7.8 |
2020-06-15 | CVE-2020-12019 | Out-of-bounds Write vulnerability in Advantech Webaccess WebAccess Node Version 8.4.4 and prior is vulnerable to a stack-based buffer overflow, which may allow an attacker to remotely execute arbitrary code. | 9.8 |
2020-05-08 | CVE-2020-12026 | Path Traversal vulnerability in Advantech Webaccess Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. | 8.8 |
2020-05-08 | CVE-2020-12022 | Improper Validation of Array Index vulnerability in Advantech Webaccess Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. | 9.8 |