Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Webaccess
(Advantech)Repositories |
Unknown: This might be proprietary software. |
#Vulnerabilities | 102 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2018-10-23 | CVE-2018-14806 | Advantech WebAccess 8.3.1 and earlier has a path traversal vulnerability which may allow an attacker to execute arbitrary code. | Webaccess | 9.8 | ||
2018-10-23 | CVE-2018-14816 | Advantech WebAccess 8.3.1 and earlier has several stack-based buffer overflow vulnerabilities that have been identified, which may allow an attacker to execute arbitrary code. | Webaccess | 9.8 | ||
2018-10-23 | CVE-2018-14820 | Advantech WebAccess 8.3.1 and earlier has a .dll component that is susceptible to external control of file name or path vulnerability, which may allow an arbitrary file deletion when processing. | Webaccess | 7.5 | ||
2018-10-23 | CVE-2018-14828 | Advantech WebAccess 8.3.1 and earlier has an improper privilege management vulnerability, which may allow an attacker to access those files and perform actions at a system administrator level. | Webaccess | 7.8 | ||
2023-10-17 | CVE-2023-4215 | Advantech WebAccess version 9.1.3 contains an exposure of sensitive information to an unauthorized actor vulnerability that could leak user credentials. | Webaccess | 7.5 | ||
2023-06-07 | CVE-2023-2866 | If an attacker can trick an authenticated user into loading a maliciously crafted .zip file onto Advantech WebAccess version 8.4.5, a web shell could be used to give the attacker full control of the SCADA server. | Webaccess | 7.8 | ||
2019-06-28 | CVE-2019-10983 | In WebAccess/SCADA Versions 8.3.5 and prior, an out-of-bounds read vulnerability is caused by a lack of proper validation of user-supplied data. Exploitation of this vulnerability may allow disclosure of information. | Webaccess | 7.5 | ||
2019-06-28 | CVE-2019-10987 | In WebAccess/SCADA Versions 8.3.5 and prior, multiple out-of-bounds write vulnerabilities are caused by a lack of proper validation of the length of user-supplied data. Exploitation of these vulnerabilities may allow remote code execution. | Webaccess | 8.8 | ||
2019-06-28 | CVE-2019-10989 | In WebAccess/SCADA Versions 8.3.5 and prior, multiple heap-based buffer overflow vulnerabilities are caused by a lack of proper validation of the length of user-supplied data. Exploitation of these vulnerabilities may allow remote code execution. Note: A different vulnerability than CVE-2019-10991. | Webaccess | 9.8 | ||
2019-06-28 | CVE-2019-10991 | In WebAccess/SCADA, Versions 8.3.5 and prior, multiple stack-based buffer overflow vulnerabilities are caused by a lack of proper validation of the length of user-supplied data. Exploitation of these vulnerabilities may allow remote code execution. | Webaccess | 9.8 |