Vulnerabilities > Advantech > Webaccess > 8.3.1

DATE CVE VULNERABILITY TITLE RISK
2019-06-28 CVE-2019-10991 Out-of-bounds Write vulnerability in Advantech Webaccess
In WebAccess/SCADA, Versions 8.3.5 and prior, multiple stack-based buffer overflow vulnerabilities are caused by a lack of proper validation of the length of user-supplied data.
network
low complexity
advantech CWE-787
critical
 9.8
9.8
2019-06-28 CVE-2019-10989 Out-of-bounds Write vulnerability in Advantech Webaccess
In WebAccess/SCADA Versions 8.3.5 and prior, multiple heap-based buffer overflow vulnerabilities are caused by a lack of proper validation of the length of user-supplied data.
network
low complexity
advantech CWE-787
critical
 9.8
9.8
2019-06-28 CVE-2019-10987 Out-of-bounds Write vulnerability in Advantech Webaccess
In WebAccess/SCADA Versions 8.3.5 and prior, multiple out-of-bounds write vulnerabilities are caused by a lack of proper validation of the length of user-supplied data.
network
low complexity
advantech CWE-787
8.8
8.8
2019-06-28 CVE-2019-10985 Path Traversal vulnerability in Advantech Webaccess
In WebAccess/SCADA, Versions 8.3.5 and prior, a path traversal vulnerability is caused by a lack of proper validation of a user-supplied path prior to use in file operations.
network
low complexity
advantech CWE-22
critical
 9.1
9.1
2019-06-28 CVE-2019-10983 Out-of-bounds Read vulnerability in Advantech Webaccess
In WebAccess/SCADA Versions 8.3.5 and prior, an out-of-bounds read vulnerability is caused by a lack of proper validation of user-supplied data.
network
low complexity
advantech CWE-125
7.5
7.5
2019-04-05 CVE-2019-6554 Unspecified vulnerability in Advantech Webaccess
Advantech WebAccess/SCADA, Versions 8.3.5 and prior.
network
low complexity
advantech
7.5
7.5
2019-04-05 CVE-2019-6552 OS Command Injection vulnerability in Advantech Webaccess
Advantech WebAccess/SCADA, Versions 8.3.5 and prior.
network
low complexity
advantech CWE-78
critical
 9.8
9.8
2019-04-05 CVE-2019-6550 Out-of-bounds Write vulnerability in Advantech Webaccess
Advantech WebAccess/SCADA, Versions 8.3.5 and prior.
network
low complexity
advantech CWE-787
critical
 9.8
9.8
2018-10-31 CVE-2018-15707 Cross-site Scripting vulnerability in Advantech Webaccess 8.3.1/8.3.2
Advantech WebAccess 8.3.1 and 8.3.2 are vulnerable to cross-site scripting in the Bwmainleft.asp page.
network
low complexity
advantech CWE-79
5.4
5.4
2018-10-31 CVE-2018-15706 Path Traversal vulnerability in Advantech Webaccess 8.3.1/8.3.2
WADashboard API in Advantech WebAccess 8.3.1 and 8.3.2 allows remote authenticated attackers to read any file on the filesystem due to a directory traversal vulnerability in the readFile API.
network
low complexity
advantech CWE-22
6.5
6.5