Vulnerabilities > Advantech > Webaccess > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-09-18 | CVE-2019-13552 | Command Injection vulnerability in Advantech Webaccess In WebAccess versions 8.4.1 and prior, multiple command injection vulnerabilities are caused by a lack of proper validation of user-supplied data and may allow arbitrary file deletion and remote code execution. | 8.8 |
2019-06-28 | CVE-2019-10987 | Out-of-bounds Write vulnerability in Advantech Webaccess In WebAccess/SCADA Versions 8.3.5 and prior, multiple out-of-bounds write vulnerabilities are caused by a lack of proper validation of the length of user-supplied data. | 8.8 |
2019-06-28 | CVE-2019-10983 | Out-of-bounds Read vulnerability in Advantech Webaccess In WebAccess/SCADA Versions 8.3.5 and prior, an out-of-bounds read vulnerability is caused by a lack of proper validation of user-supplied data. | 7.5 |
2019-04-09 | CVE-2019-3941 | Missing Authentication for Critical Function vulnerability in Advantech Webaccess 8.3.4 Advantech WebAccess 8.3.4 allows unauthenticated, remote attackers to delete arbitrary files via IOCTL 10005 RPC. | 7.5 |
2019-04-05 | CVE-2019-6554 | Unspecified vulnerability in Advantech Webaccess Advantech WebAccess/SCADA, Versions 8.3.5 and prior. | 7.5 |
2018-10-29 | CVE-2018-17910 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Advantech Webaccess WebAccess Versions 8.3.2 and prior. | 7.8 |
2018-10-29 | CVE-2018-17908 | Improper Access Control vulnerability in Advantech Webaccess WebAccess Versions 8.3.2 and prior. | 7.8 |
2018-10-23 | CVE-2018-14828 | Improper Privilege Management vulnerability in Advantech Webaccess Advantech WebAccess 8.3.1 and earlier has an improper privilege management vulnerability, which may allow an attacker to access those files and perform actions at a system administrator level. | 7.8 |
2018-10-23 | CVE-2018-14820 | Improper Input Validation vulnerability in Advantech Webaccess Advantech WebAccess 8.3.1 and earlier has a .dll component that is susceptible to external control of file name or path vulnerability, which may allow an arbitrary file deletion when processing. | 7.5 |
2018-10-22 | CVE-2018-15704 | Out-of-bounds Write vulnerability in Advantech Webaccess Advantech WebAccess 8.3.2 and below is vulnerable to a stack buffer overflow vulnerability. | 8.8 |