Vulnerabilities > Advantech > Webaccess > High

DATE CVE VULNERABILITY TITLE RISK
2023-10-17 CVE-2023-4215 Unspecified vulnerability in Advantech Webaccess 9.1.3
Advantech WebAccess version 9.1.3 contains an exposure of sensitive information to an unauthorized actor vulnerability that could leak user credentials.
network
low complexity
advantech
7.5
2023-06-07 CVE-2023-2866 Insufficient Verification of Data Authenticity vulnerability in Advantech Webaccess 8.4.5
If an attacker can trick an authenticated user into loading a maliciously crafted .zip file onto Advantech WebAccess version 8.4.5, a web shell could be used to give the attacker full control of the SCADA server.
local
low complexity
advantech CWE-345
7.8
2020-09-22 CVE-2020-16202 Unspecified vulnerability in Advantech Webaccess
WebAccess Node (All versions prior to 9.0.1) has incorrect permissions set for resources used by specific services, which may allow code execution with system privileges.
local
low complexity
advantech
7.8
2020-05-08 CVE-2020-12026 Path Traversal vulnerability in Advantech Webaccess
Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0.
network
low complexity
advantech CWE-22
8.8
2020-05-08 CVE-2020-12018 Out-of-bounds Read vulnerability in Advantech Webaccess
Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0.
network
low complexity
advantech CWE-125
7.5
2020-05-08 CVE-2020-12014 SQL Injection vulnerability in Advantech Webaccess
Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0.
network
low complexity
advantech CWE-89
7.5
2020-05-08 CVE-2020-12010 Path Traversal vulnerability in Advantech Webaccess
Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0.
local
low complexity
advantech CWE-22
7.1
2020-04-01 CVE-2019-3942 Insufficiently Protected Credentials vulnerability in Advantech Webaccess 8.3.4
Advantech WebAccess 8.3.4 does not properly restrict an RPC call that allows unauthenticated, remote users to read files.
network
low complexity
advantech CWE-522
7.5
2020-03-27 CVE-2020-10607 Out-of-bounds Write vulnerability in Advantech Webaccess
In Advantech WebAccess, Versions 8.4.2 and prior.
network
low complexity
advantech CWE-787
8.8
2019-09-18 CVE-2019-13556 Out-of-bounds Write vulnerability in Advantech Webaccess
In WebAccess versions 8.4.1 and prior, multiple stack-based buffer overflow vulnerabilities are caused by a lack of proper validation of the length of user-supplied data.
network
low complexity
advantech CWE-787
8.8