← Back

Advantech

advantech

378 CVEs • 95 products

Products (95)

Click to collapse
Toggle
Webaccess
webaccess
103 CVEs
Advantech Webaccess
advantech_webaccess
44 CVEs
R Seenet
r-seenet
40 CVEs
Iview
iview
37 CVEs
Webaccess/scada
webaccess/scada
29 CVEs
Webaccess/nms
webaccess/nms
20 CVEs
Eki 6333ac 2g Firmware
eki-6333ac-2g_firmware
20 CVEs
Eki 6333ac 2gd Firmware
eki-6333ac-2gd_firmware
20 CVEs
Eki 6333ac 1gpo Firmware
eki-6333ac-1gpo_firmware
20 CVEs
Webaccess Scada
webaccess_scada
12 CVEs
Webaccess/hmi Designer
webaccess/hmi_designer
12 CVEs
Webaccess/vpn
webaccess/vpn
12 CVEs
Webaccess Dashboard
webaccess_dashboard
11 CVEs
Wise Deviceon Server
wise-deviceon_server
11 CVEs
Wise 4060lan Firmware
wise-4060lan_firmware
8 CVEs
Wise 4050lan Firmware
wise-4050lan_firmware
8 CVEs
Wise 4010lan Firmware
wise-4010lan_firmware
8 CVEs
Webaccess Hmi Designer
webaccess_hmi_designer
6 CVEs
Wise Paas/rmm
wise-paas/rmm
5 CVEs
Deviceon/iedge
deviceon/iedge
5 CVEs
Eki 1521 Firmware
eki-1521_firmware
5 CVEs
Eki 1522 Firmware
eki-1522_firmware
5 CVEs
Eki 1524 Firmware
eki-1524_firmware
5 CVEs
Advantech Studio
advantech_studio
3 CVEs
Susiaccess
susiaccess
3 CVEs
Spectre Rt Ert351 Firmware
spectre_rt_ert351_firmware
3 CVEs
Adam 5630 Firmware
adam-5630_firmware
3 CVEs
Eki 1321 Series Firmware
eki-1321_series_firmware
2 CVEs
Eki 1322 Series Firmware
eki-1322_series_firmware
2 CVEs
Adam 5550 Firmware
adam_5550-firmware
2 CVEs
Adam 6015
adam-6015
1 CVE
Adam 6017
adam-6017
1 CVE
Adam 6018
adam-6018
1 CVE
Adam 6022
adam-6022
1 CVE
Adam 6024
adam-6024
1 CVE
Adam 6050
adam-6050
1 CVE
Adam 6050w
adam-6050w
1 CVE
Adam 6051
adam-6051
1 CVE
Adam 6051w
adam-6051w
1 CVE
Adam 6052
adam-6052
1 CVE
Adam 6060
adam-6060
1 CVE
Adam 6060w
adam-6060w
1 CVE
Adam 6066
adam-6066
1 CVE
Adam 6501
adam-6501
1 CVE
Adam Opc Server
adam_opc_server
1 CVE
Modbus Rtu Opc Server
modbus_rtu_opc_server
1 CVE
Modbus Tcp Opc Server
modbus_tcp_opc_server
1 CVE
Eki 6340 Firmware
eki-6340_firmware
1 CVE
Eki 6340
eki-6340
1 CVE
Adamview
adamview
1 CVE
Eki 1200 Gateway Series Firmware
eki-1200_gateway_series_firmware
1 CVE
Eki 1361 Series Firmware
eki-1361_series_firmware
1 CVE
Eki 1362 Series Firmware
eki-1362_series_firmware
1 CVE
Eki 122x Series Firmware
eki-122x_series_firmware
1 CVE
Vesp211 Eu Firmware
vesp211-eu_firmware
1 CVE
Vesp211 232 Firmware
vesp211-232_firmware
1 CVE
Webop
webop
1 CVE
Diaganywhere
diaganywhere
1 CVE
Bb Eswgp506 2sfp T Firmware
bb-eswgp506-2sfp-t_firmware
1 CVE
Sq Manager
sq_manager
1 CVE
Deviceon/iservice
deviceon/iservice
1 CVE
Wise Paas/ota
wise-paas/ota
1 CVE
Adam 3600 Firmware
adam-3600_firmware
1 CVE
Tp 3250 Firmware
tp_3250_firmware
1 CVE
Iot Edge Linux Docker
iot_edge_linux_docker
1 CVE
Iot Edge Windows
iot_edge_windows
1 CVE
Iotsuite Growth Linux Docker
iotsuite_growth_linux_docker
1 CVE
Iotsuite Saas Composer
iotsuite_saas_composer
1 CVE
Iotsuite Starter Linux Docker
iotsuite_starter_linux_docker
1 CVE
Eki 1221
eki-1221
0 CVEs
Eki 1221d
eki-1221d
0 CVEs
Eki 1222
eki-1222
0 CVEs
Eki 1222d
eki-1222d
0 CVEs
Eki 1224
eki-1224
0 CVEs
Eki 1321
eki-1321
0 CVEs
Eki 1322
eki-1322
0 CVEs
Eki 1361
eki-1361
0 CVEs
Eki 1362
eki-1362
0 CVEs
Vesp211 Eu
vesp211-eu
0 CVEs
Vesp211 232
vesp211-232
0 CVEs
Bb Eswgp506 2sfp T
bb-eswgp506-2sfp-t
0 CVEs
Spectre Rt Ert351
spectre_rt_ert351
0 CVEs
Adam 3600
adam-3600
0 CVEs
Eki 1521
eki-1521
0 CVEs
Eki 1522
eki-1522
0 CVEs
Eki 1524
eki-1524
0 CVEs
Adam 5630
adam-5630
0 CVEs
Adam 5550
adam-5550
0 CVEs
Eki 6333ac 2g
eki-6333ac-2g
0 CVEs
Eki 6333ac 2gd
eki-6333ac-2gd
0 CVEs
Eki 6333ac 1gpo
eki-6333ac-1gpo
0 CVEs
Wise 4060lan
wise-4060lan
0 CVEs
Wise 4050lan
wise-4050lan
0 CVEs
Wise 4010lan
wise-4010lan
0 CVEs
Tp 3250
tp_3250
0 CVEs

CVEs (378)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2021-42706
1Advantech
1Webaccess Hmi Designer
Nov 21, 2024
Nov 15, 2021
N/A· v4
7.8 HIGH· v3
4.6 MEDIUM· v2
This vulnerability could allow an attacker to disclose information and execute arbitrary code on affected installations of WebAccess/MHI Designer
CVE-2021-32951
1Advantech
1Webaccess/nms
Nov 21, 2024
Oct 27, 2021
N/A· v4
5.3 MEDIUM· v3
5.0 MEDIUM· v2
WebAccess/NMS (Versions prior to v3.0.3_Build6299) has an improper authentication vulnerability, which may allow unauthorized users to view resources monitored and controlled by the WebAccess/NMS, as well as IP addresses...Show more
WebAccess/NMS (Versions prior to v3.0.3_Build6299) has an improper authentication vulnerability, which may allow unauthorized users to view resources monitored and controlled by the WebAccess/NMS, as well as IP addresses and names of all the devices managed via WebAccess/NMS.Show less
CVE-2021-38389
1Advantech
1Webaccess
Nov 21, 2024
Oct 18, 2021
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
Advantech WebAccess versions 9.02 and prior are vulnerable to a stack-based buffer overflow, which may allow an attacker to remotely execute code.
CVE-2021-33023
1Advantech
1Webaccess
Nov 21, 2024
Oct 18, 2021
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
Advantech WebAccess versions 9.02 and prior are vulnerable to a heap-based buffer overflow, which may allow an attacker to remotely execute code.
CVE-2021-38431
1Advantech
1Webaccess Scada
Nov 21, 2024
Oct 15, 2021
N/A· v4
4.3 MEDIUM· v3
4.0 MEDIUM· v2
An authenticated user using Advantech WebAccess SCADA in versions 9.0.3 and prior can use API functions to disclose project names and paths from other users.
CVE-2021-38408
1Advantech
1Webaccess
Nov 21, 2024
Sep 9, 2021
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
A stack-based buffer overflow vulnerability in Advantech WebAccess Versions 9.02 and prior caused by a lack of proper validation of the length of user-supplied data may allow remote code execution.
CVE-2021-32943
1Advantech
1Webaccess/scada
Nov 21, 2024
Aug 10, 2021
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
The affected product is vulnerable to a stack-based buffer overflow, which may allow an attacker to remotely execute arbitrary code on the WebAccess/SCADA (WebAccess/SCADA versions prior to 8.4.5, WebAccess/SCADA version...Show more
The affected product is vulnerable to a stack-based buffer overflow, which may allow an attacker to remotely execute arbitrary code on the WebAccess/SCADA (WebAccess/SCADA versions prior to 8.4.5, WebAccess/SCADA versions prior to 9.0.1).Show less
CVE-2021-22676
1Advantech
1Webaccess/scada
Nov 21, 2024
Aug 10, 2021
N/A· v4
6.1 MEDIUM· v3
4.3 MEDIUM· v2
UserExcelOut.asp within WebAccess/SCADA is vulnerable to cross-site scripting (XSS), which could allow an attacker to send malicious JavaScript code. This could result in hijacking of cookie/session tokens, redirection t...Show more
UserExcelOut.asp within WebAccess/SCADA is vulnerable to cross-site scripting (XSS), which could allow an attacker to send malicious JavaScript code. This could result in hijacking of cookie/session tokens, redirection to a malicious webpage, and unintended browser action on the WebAccess/SCADA (WebAccess/SCADA versions prior to 8.4.5, WebAccess/SCADA versions prior to 9.0.1).Show less
CVE-2021-22674
1Advantech
1Webaccess/scada
Nov 21, 2024
Aug 10, 2021
N/A· v4
6.5 MEDIUM· v3
4.0 MEDIUM· v2
The affected product is vulnerable to a relative path traversal condition, which may allow an attacker access to unauthorized files and directories on the WebAccess/SCADA (WebAccess/SCADA versions prior to 8.4.5, WebAcce...Show more
The affected product is vulnerable to a relative path traversal condition, which may allow an attacker access to unauthorized files and directories on the WebAccess/SCADA (WebAccess/SCADA versions prior to 8.4.5, WebAccess/SCADA versions prior to 9.0.1).Show less
CVE-2021-21805
1Advantech
1R Seenet
Nov 21, 2024
Aug 5, 2021
N/A· v4
9.8 CRITICAL· v3
10.0 HIGH· v2
An OS Command Injection vulnerability exists in the ping.php script functionality of Advantech R-SeeNet v 2.4.12 (20.10.2020). A specially crafted HTTP request can lead to arbitrary OS command execution. An attacker can...Show more
An OS Command Injection vulnerability exists in the ping.php script functionality of Advantech R-SeeNet v 2.4.12 (20.10.2020). A specially crafted HTTP request can lead to arbitrary OS command execution. An attacker can send a crafted HTTP request to trigger this vulnerability.Show less
CVE-2021-21804
1Advantech
1R Seenet
Nov 21, 2024
Jul 16, 2021
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
A local file inclusion (LFI) vulnerability exists in the options.php script functionality of Advantech R-SeeNet v 2.4.12 (20.10.2020). A specially crafted HTTP request can lead to arbitrary PHP code execution. An attacke...Show more
A local file inclusion (LFI) vulnerability exists in the options.php script functionality of Advantech R-SeeNet v 2.4.12 (20.10.2020). A specially crafted HTTP request can lead to arbitrary PHP code execution. An attacker can send a crafted HTTP request to trigger this vulnerability.Show less
CVE-2021-21803
1Advantech
1R Seenet
Nov 21, 2024
Jul 16, 2021
N/A· v4
6.1 MEDIUM· v3
4.3 MEDIUM· v2
This vulnerability is present in device_graph_page.php script, which is a part of the Advantech R-SeeNet web applications. A specially crafted URL by an attacker and visited by a victim can lead to arbitrary JavaScript c...Show more
This vulnerability is present in device_graph_page.php script, which is a part of the Advantech R-SeeNet web applications. A specially crafted URL by an attacker and visited by a victim can lead to arbitrary JavaScript code execution.Show less
CVE-2021-21802
1Advantech
1R Seenet
Nov 21, 2024
Jul 16, 2021
N/A· v4
6.1 MEDIUM· v3
4.3 MEDIUM· v2
This vulnerability is present in device_graph_page.php script, which is a part of the Advantech R-SeeNet web applications. A specially crafted URL by an attacker and visited by a victim can lead to arbitrary JavaScript c...Show more
This vulnerability is present in device_graph_page.php script, which is a part of the Advantech R-SeeNet web applications. A specially crafted URL by an attacker and visited by a victim can lead to arbitrary JavaScript code execution.Show less
CVE-2021-21801
1Advantech
1R Seenet
Nov 21, 2024
Jul 16, 2021
N/A· v4
6.1 MEDIUM· v3
4.3 MEDIUM· v2
This vulnerability is present in device_graph_page.php script, which is a part of the Advantech R-SeeNet web applications. A specially crafted URL by an attacker and visited by a victim can lead to arbitrary JavaScript c...Show more
This vulnerability is present in device_graph_page.php script, which is a part of the Advantech R-SeeNet web applications. A specially crafted URL by an attacker and visited by a victim can lead to arbitrary JavaScript code execution.Show less
CVE-2021-21800
1Advantech
1R Seenet
Nov 21, 2024
Jul 16, 2021
N/A· v4
6.1 MEDIUM· v3
4.3 MEDIUM· v2
Cross-site scripting vulnerabilities exist in the ssh_form.php script functionality of Advantech R-SeeNet v 2.4.12 (20.10.2020). If a user visits a specially crafted URL, it can lead to arbitrary JavaScript code executio...Show more
Cross-site scripting vulnerabilities exist in the ssh_form.php script functionality of Advantech R-SeeNet v 2.4.12 (20.10.2020). If a user visits a specially crafted URL, it can lead to arbitrary JavaScript code execution in the context of the targeted user’s browser. An attacker can provide a crafted URL to trigger this vulnerability.Show less
CVE-2021-21799
1Advantech
1R Seenet
Nov 21, 2024
Jul 16, 2021
N/A· v4
6.1 MEDIUM· v3
4.3 MEDIUM· v2
Cross-site scripting vulnerabilities exist in the telnet_form.php script functionality of Advantech R-SeeNet v 2.4.12 (20.10.2020). If a user visits a specially crafted URL, it can lead to arbitrary JavaScript code execu...Show more
Cross-site scripting vulnerabilities exist in the telnet_form.php script functionality of Advantech R-SeeNet v 2.4.12 (20.10.2020). If a user visits a specially crafted URL, it can lead to arbitrary JavaScript code execution in the context of the targeted user’s browser. An attacker can provide a crafted URL to trigger this vulnerability.Show less
CVE-2021-33004
1Advantech
1Webaccess/hmi Designer
Nov 21, 2024
Jun 24, 2021
N/A· v4
7.8 HIGH· v3
6.8 MEDIUM· v2
The affected product is vulnerable to memory corruption condition due to lack of proper validation of user supplied files, which may allow an attacker to execute arbitrary code. User interaction is required on the WebAcc...Show more
The affected product is vulnerable to memory corruption condition due to lack of proper validation of user supplied files, which may allow an attacker to execute arbitrary code. User interaction is required on the WebAccess HMI Designer (versions 2.1.9.95 and prior).Show less
CVE-2021-33002
1Advantech
1Webaccess/hmi Designer
Nov 21, 2024
Jun 24, 2021
N/A· v4
7.8 HIGH· v3
6.8 MEDIUM· v2
Opening a maliciously crafted project file may cause an out-of-bounds write, which may allow an attacker to execute arbitrary code. User interaction is require on the WebAccess HMI Designer (versions 2.1.9.95 and prior).
CVE-2021-33000
1Advantech
1Webaccess/hmi Designer
Nov 21, 2024
Jun 24, 2021
N/A· v4
7.8 HIGH· v3
6.8 MEDIUM· v2
Parsing a maliciously crafted project file may cause a heap-based buffer overflow, which may allow an attacker to perform arbitrary code execution. User interaction is required on the WebAccess HMI Designer (versions 2.1...Show more
Parsing a maliciously crafted project file may cause a heap-based buffer overflow, which may allow an attacker to perform arbitrary code execution. User interaction is required on the WebAccess HMI Designer (versions 2.1.9.95 and prior).Show less
CVE-2021-32956
1Advantech
1Webaccess/scada
Nov 21, 2024
Jun 18, 2021
N/A· v4
6.1 MEDIUM· v3
5.8 MEDIUM· v2
Advantech WebAccess/SCADA Versions 9.0.1 and prior is vulnerable to redirection, which may allow an attacker to send a maliciously crafted URL that could result in redirecting a user to a malicious webpage.