Vulnerabilities > Advantech > Webaccess > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-17 | CVE-2023-4215 | Unspecified vulnerability in Advantech Webaccess 9.1.3 Advantech WebAccess version 9.1.3 contains an exposure of sensitive information to an unauthorized actor vulnerability that could leak user credentials. | 7.5 |
| 2023-06-07 | CVE-2023-2866 | Insufficient Verification of Data Authenticity vulnerability in Advantech Webaccess 8.4.5 If an attacker can trick an authenticated user into loading a maliciously crafted .zip file onto Advantech WebAccess version 8.4.5, a web shell could be used to give the attacker full control of the SCADA server. | 7.8 |
| 2020-09-22 | CVE-2020-16202 | Incorrect Permission Assignment for Critical Resource vulnerability in Advantech Webaccess WebAccess Node (All versions prior to 9.0.1) has incorrect permissions set for resources used by specific services, which may allow code execution with system privileges. | 7.8 |
| 2020-05-08 | CVE-2020-12026 | Path Traversal vulnerability in Advantech Webaccess Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. | 8.8 |
| 2020-05-08 | CVE-2020-12018 | Out-of-bounds Read vulnerability in Advantech Webaccess Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. | 7.5 |
| 2020-05-08 | CVE-2020-12014 | SQL Injection vulnerability in Advantech Webaccess Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. | 7.5 |
| 2020-05-08 | CVE-2020-12010 | Path Traversal vulnerability in Advantech Webaccess Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. | 7.1 |
| 2020-04-01 | CVE-2019-3942 | Insufficiently Protected Credentials vulnerability in Advantech Webaccess 8.3.4 Advantech WebAccess 8.3.4 does not properly restrict an RPC call that allows unauthenticated, remote users to read files. | 7.5 |
| 2020-03-27 | CVE-2020-10607 | Out-of-bounds Write vulnerability in Advantech Webaccess In Advantech WebAccess, Versions 8.4.2 and prior. | 8.8 |
| 2019-09-18 | CVE-2019-13556 | Out-of-bounds Write vulnerability in Advantech Webaccess In WebAccess versions 8.4.1 and prior, multiple stack-based buffer overflow vulnerabilities are caused by a lack of proper validation of the length of user-supplied data. | 8.8 |