Vulnerabilities > Advantech > Webaccess > Critical

DATE CVE VULNERABILITY TITLE RISK
2021-10-18 CVE-2021-38389 Out-of-bounds Write vulnerability in Advantech Webaccess
Advantech WebAccess versions 9.02 and prior are vulnerable to a stack-based buffer overflow, which may allow an attacker to remotely execute code.
network
low complexity
advantech CWE-787
critical
 9.8
9.8
2021-10-18 CVE-2021-33023 Out-of-bounds Write vulnerability in Advantech Webaccess
Advantech WebAccess versions 9.02 and prior are vulnerable to a heap-based buffer overflow, which may allow an attacker to remotely execute code.
network
low complexity
advantech CWE-787
critical
 9.8
9.8
2021-09-09 CVE-2021-38408 Stack-based Buffer Overflow vulnerability in Advantech Webaccess
A stack-based buffer overflow vulnerability in Advantech WebAccess Versions 9.02 and prior caused by a lack of proper validation of the length of user-supplied data may allow remote code execution.
network
low complexity
advantech CWE-121
critical
 9.8
9.8
2020-06-15 CVE-2020-12019 Out-of-bounds Write vulnerability in Advantech Webaccess
WebAccess Node Version 8.4.4 and prior is vulnerable to a stack-based buffer overflow, which may allow an attacker to remotely execute arbitrary code.
network
low complexity
advantech CWE-787
critical
 9.8
9.8
2020-05-08 CVE-2020-10638 Out-of-bounds Write vulnerability in Advantech Webaccess
Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0.
network
low complexity
advantech CWE-787
critical
 9.8
9.8
2020-05-08 CVE-2020-12002 Out-of-bounds Write vulnerability in Advantech Webaccess
Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0.
network
low complexity
advantech CWE-787
critical
 9.8
9.8
2020-05-08 CVE-2020-12006 Path Traversal vulnerability in Advantech Webaccess
Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0.
network
low complexity
advantech CWE-22
critical
 9.8
9.8
2020-05-08 CVE-2020-12022 Improper Validation of Array Index vulnerability in Advantech Webaccess
Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0.
network
low complexity
advantech CWE-129
critical
 9.8
9.8
2019-12-12 CVE-2019-3951 Out-of-bounds Write vulnerability in Advantech Webaccess
Advantech WebAccess before 8.4.3 allows unauthenticated remote attackers to execute arbitrary code or cause a denial of service (memory corruption) due to a stack-based buffer overflow when handling IOCTL 70533 RPC messages.
network
low complexity
advantech CWE-787
critical
 9.8
9.8
2019-09-18 CVE-2019-13558 Code Injection vulnerability in Advantech Webaccess
In WebAccess versions 8.4.1 and prior, an exploit executed over the network may cause improper control of generation of code, which may allow remote code execution, data exfiltration, or cause a system crash.
network
low complexity
advantech CWE-94
critical
 9.8
9.8