Vulnerabilities > Advantech > Webaccess > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-10-17 | CVE-2023-4215 | Unspecified vulnerability in Advantech Webaccess 9.1.3 Advantech WebAccess version 9.1.3 contains an exposure of sensitive information to an unauthorized actor vulnerability that could leak user credentials. | 7.5 |
2023-06-07 | CVE-2023-2866 | Insufficient Verification of Data Authenticity vulnerability in Advantech Webaccess 8.4.5 If an attacker can trick an authenticated user into loading a maliciously crafted .zip file onto Advantech WebAccess version 8.4.5, a web shell could be used to give the attacker full control of the SCADA server. | 7.8 |
2020-09-22 | CVE-2020-16202 | Unspecified vulnerability in Advantech Webaccess WebAccess Node (All versions prior to 9.0.1) has incorrect permissions set for resources used by specific services, which may allow code execution with system privileges. | 7.8 |
2020-05-08 | CVE-2020-12026 | Path Traversal vulnerability in Advantech Webaccess Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. | 8.8 |
2020-05-08 | CVE-2020-12018 | Out-of-bounds Read vulnerability in Advantech Webaccess Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. | 7.5 |
2020-05-08 | CVE-2020-12014 | SQL Injection vulnerability in Advantech Webaccess Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. | 7.5 |
2020-05-08 | CVE-2020-12010 | Path Traversal vulnerability in Advantech Webaccess Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. | 7.1 |
2020-04-01 | CVE-2019-3942 | Insufficiently Protected Credentials vulnerability in Advantech Webaccess 8.3.4 Advantech WebAccess 8.3.4 does not properly restrict an RPC call that allows unauthenticated, remote users to read files. | 7.5 |
2020-03-27 | CVE-2020-10607 | Out-of-bounds Write vulnerability in Advantech Webaccess In Advantech WebAccess, Versions 8.4.2 and prior. | 8.8 |
2019-09-18 | CVE-2019-13556 | Out-of-bounds Write vulnerability in Advantech Webaccess In WebAccess versions 8.4.1 and prior, multiple stack-based buffer overflow vulnerabilities are caused by a lack of proper validation of the length of user-supplied data. | 8.8 |