Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Webaccess
(Advantech)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 102 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2019-06-28 | CVE-2019-10985 | In WebAccess/SCADA, Versions 8.3.5 and prior, a path traversal vulnerability is caused by a lack of proper validation of a user-supplied path prior to use in file operations. An attacker can leverage this vulnerability to delete files while posing as an administrator. | Webaccess | 9.1 | ||
| 2019-06-28 | CVE-2019-10993 | In WebAccess/SCADA Versions 8.3.5 and prior, multiple untrusted pointer dereference vulnerabilities may allow a remote attacker to execute arbitrary code. | Webaccess | 9.8 | ||
| 2020-05-08 | CVE-2020-10638 | Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Multiple heap-based buffer overflow vulnerabilities exist caused by a lack of proper validation of the length of user-supplied data, which may allow remote code execution. | Webaccess | 9.8 | ||
| 2019-09-18 | CVE-2019-13552 | In WebAccess versions 8.4.1 and prior, multiple command injection vulnerabilities are caused by a lack of proper validation of user-supplied data and may allow arbitrary file deletion and remote code execution. | Webaccess | 8.8 | ||
| 2021-10-18 | CVE-2021-38389 | Advantech WebAccess versions 9.02 and prior are vulnerable to a stack-based buffer overflow, which may allow an attacker to remotely execute code. | Webaccess | 9.8 | ||
| 2021-10-18 | CVE-2021-33023 | Advantech WebAccess versions 9.02 and prior are vulnerable to a heap-based buffer overflow, which may allow an attacker to remotely execute code. | Webaccess | 9.8 | ||
| 2020-05-08 | CVE-2020-12002 | Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Multiple stack-based buffer overflow vulnerabilities exist caused by a lack of proper validation of the length of user-supplied data, which may allow remote code execution. | Webaccess | 9.8 | ||
| 2020-05-08 | CVE-2020-12006 | Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Multiple relative path traversal vulnerabilities exist that may allow a low privilege user to overwrite files outside the application’s control. | Webaccess | 9.8 | ||
| 2020-05-08 | CVE-2020-12010 | Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Multiple relative path traversal vulnerabilities exist that may allow an authenticated user to use a specially crafted file to delete files outside the application’s control. | Webaccess | 7.1 | ||
| 2020-05-08 | CVE-2020-12026 | Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Multiple relative path traversal vulnerabilities exist that may allow a low privilege user to overwrite files outside the application’s control. | Webaccess | 8.8 |