Vulnerabilities > Advantech > Webaccess

DATE CVE VULNERABILITY TITLE RISK
2018-02-13 CVE-2018-6911 OS Command Injection vulnerability in Advantech Webaccess 8.3.0
The VBWinExec function in Node\AspVBObj.dll in Advantech WebAccess 8.3.0 allows remote attackers to execute arbitrary OS commands via a single argument (aka the command parameter).
network
low complexity
advantech CWE-78
critical
9.8
2018-01-12 CVE-2017-16736 Unrestricted Upload of File with Dangerous Type vulnerability in Advantech Webaccess
An Unrestricted Upload Of File With Dangerous Type issue was discovered in Advantech WebAccess versions prior to 8.3.
network
low complexity
advantech CWE-434
7.5
2018-01-12 CVE-2017-16732 Use After Free vulnerability in Advantech Webaccess
A use-after-free issue was discovered in Advantech WebAccess versions prior to 8.3.
network
low complexity
advantech CWE-416
6.5
2018-01-05 CVE-2017-16753 Improper Input Validation vulnerability in Advantech Webaccess
An Improper Input Validation issue was discovered in Advantech WebAccess versions prior to 8.3.
network
low complexity
advantech CWE-20
7.5
2018-01-05 CVE-2017-16728 NULL Pointer Dereference vulnerability in Advantech Webaccess
An Untrusted Pointer Dereference issue was discovered in Advantech WebAccess versions prior to 8.3.
network
low complexity
advantech CWE-476
7.5
2018-01-05 CVE-2017-16724 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Advantech Webaccess
A Stack-based Buffer Overflow issue was discovered in Advantech WebAccess versions prior to 8.3.
network
low complexity
advantech CWE-119
critical
9.8
2018-01-05 CVE-2017-16720 Path Traversal vulnerability in Advantech Webaccess
A Path Traversal issue was discovered in WebAccess versions 8.3.2 and earlier.
network
low complexity
advantech CWE-22
critical
9.8
2018-01-05 CVE-2017-16716 SQL Injection vulnerability in Advantech Webaccess
A SQL Injection issue was discovered in WebAccess versions prior to 8.3.
network
low complexity
advantech CWE-89
critical
9.8
2017-11-06 CVE-2017-14016 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Advantech Webaccess
A Stack-based Buffer Overflow issue was discovered in Advantech WebAccess versions prior to V8.2_20170817.
network
low complexity
advantech CWE-119
6.3
2017-11-06 CVE-2017-12719 NULL Pointer Dereference vulnerability in Advantech Webaccess
An Untrusted Pointer Dereference issue was discovered in Advantech WebAccess versions prior to V8.2_20170817.
network
low complexity
advantech CWE-476
7.5