← Back

Advantech

advantech

378 CVEs • 95 products

Products (95)

Click to collapse
Toggle
Webaccess
webaccess
103 CVEs
Advantech Webaccess
advantech_webaccess
44 CVEs
R Seenet
r-seenet
40 CVEs
Iview
iview
37 CVEs
Webaccess/scada
webaccess/scada
29 CVEs
Webaccess/nms
webaccess/nms
20 CVEs
Eki 6333ac 2g Firmware
eki-6333ac-2g_firmware
20 CVEs
Eki 6333ac 2gd Firmware
eki-6333ac-2gd_firmware
20 CVEs
Eki 6333ac 1gpo Firmware
eki-6333ac-1gpo_firmware
20 CVEs
Webaccess Scada
webaccess_scada
12 CVEs
Webaccess/hmi Designer
webaccess/hmi_designer
12 CVEs
Webaccess/vpn
webaccess/vpn
12 CVEs
Webaccess Dashboard
webaccess_dashboard
11 CVEs
Wise Deviceon Server
wise-deviceon_server
11 CVEs
Wise 4060lan Firmware
wise-4060lan_firmware
8 CVEs
Wise 4050lan Firmware
wise-4050lan_firmware
8 CVEs
Wise 4010lan Firmware
wise-4010lan_firmware
8 CVEs
Webaccess Hmi Designer
webaccess_hmi_designer
6 CVEs
Wise Paas/rmm
wise-paas/rmm
5 CVEs
Deviceon/iedge
deviceon/iedge
5 CVEs
Eki 1521 Firmware
eki-1521_firmware
5 CVEs
Eki 1522 Firmware
eki-1522_firmware
5 CVEs
Eki 1524 Firmware
eki-1524_firmware
5 CVEs
Advantech Studio
advantech_studio
3 CVEs
Susiaccess
susiaccess
3 CVEs
Spectre Rt Ert351 Firmware
spectre_rt_ert351_firmware
3 CVEs
Adam 5630 Firmware
adam-5630_firmware
3 CVEs
Eki 1321 Series Firmware
eki-1321_series_firmware
2 CVEs
Eki 1322 Series Firmware
eki-1322_series_firmware
2 CVEs
Adam 5550 Firmware
adam_5550-firmware
2 CVEs
Adam 6015
adam-6015
1 CVE
Adam 6017
adam-6017
1 CVE
Adam 6018
adam-6018
1 CVE
Adam 6022
adam-6022
1 CVE
Adam 6024
adam-6024
1 CVE
Adam 6050
adam-6050
1 CVE
Adam 6050w
adam-6050w
1 CVE
Adam 6051
adam-6051
1 CVE
Adam 6051w
adam-6051w
1 CVE
Adam 6052
adam-6052
1 CVE
Adam 6060
adam-6060
1 CVE
Adam 6060w
adam-6060w
1 CVE
Adam 6066
adam-6066
1 CVE
Adam 6501
adam-6501
1 CVE
Adam Opc Server
adam_opc_server
1 CVE
Modbus Rtu Opc Server
modbus_rtu_opc_server
1 CVE
Modbus Tcp Opc Server
modbus_tcp_opc_server
1 CVE
Eki 6340 Firmware
eki-6340_firmware
1 CVE
Eki 6340
eki-6340
1 CVE
Adamview
adamview
1 CVE
Eki 1200 Gateway Series Firmware
eki-1200_gateway_series_firmware
1 CVE
Eki 1361 Series Firmware
eki-1361_series_firmware
1 CVE
Eki 1362 Series Firmware
eki-1362_series_firmware
1 CVE
Eki 122x Series Firmware
eki-122x_series_firmware
1 CVE
Vesp211 Eu Firmware
vesp211-eu_firmware
1 CVE
Vesp211 232 Firmware
vesp211-232_firmware
1 CVE
Webop
webop
1 CVE
Diaganywhere
diaganywhere
1 CVE
Bb Eswgp506 2sfp T Firmware
bb-eswgp506-2sfp-t_firmware
1 CVE
Sq Manager
sq_manager
1 CVE
Deviceon/iservice
deviceon/iservice
1 CVE
Wise Paas/ota
wise-paas/ota
1 CVE
Adam 3600 Firmware
adam-3600_firmware
1 CVE
Tp 3250 Firmware
tp_3250_firmware
1 CVE
Iot Edge Linux Docker
iot_edge_linux_docker
1 CVE
Iot Edge Windows
iot_edge_windows
1 CVE
Iotsuite Growth Linux Docker
iotsuite_growth_linux_docker
1 CVE
Iotsuite Saas Composer
iotsuite_saas_composer
1 CVE
Iotsuite Starter Linux Docker
iotsuite_starter_linux_docker
1 CVE
Eki 1221
eki-1221
0 CVEs
Eki 1221d
eki-1221d
0 CVEs
Eki 1222
eki-1222
0 CVEs
Eki 1222d
eki-1222d
0 CVEs
Eki 1224
eki-1224
0 CVEs
Eki 1321
eki-1321
0 CVEs
Eki 1322
eki-1322
0 CVEs
Eki 1361
eki-1361
0 CVEs
Eki 1362
eki-1362
0 CVEs
Vesp211 Eu
vesp211-eu
0 CVEs
Vesp211 232
vesp211-232
0 CVEs
Bb Eswgp506 2sfp T
bb-eswgp506-2sfp-t
0 CVEs
Spectre Rt Ert351
spectre_rt_ert351
0 CVEs
Adam 3600
adam-3600
0 CVEs
Eki 1521
eki-1521
0 CVEs
Eki 1522
eki-1522
0 CVEs
Eki 1524
eki-1524
0 CVEs
Adam 5630
adam-5630
0 CVEs
Adam 5550
adam-5550
0 CVEs
Eki 6333ac 2g
eki-6333ac-2g
0 CVEs
Eki 6333ac 2gd
eki-6333ac-2gd
0 CVEs
Eki 6333ac 1gpo
eki-6333ac-1gpo
0 CVEs
Wise 4060lan
wise-4060lan
0 CVEs
Wise 4050lan
wise-4050lan
0 CVEs
Wise 4010lan
wise-4010lan
0 CVEs
Tp 3250
tp_3250
0 CVEs

CVEs (378)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2020-12018
1Advantech
1Webaccess
Nov 21, 2024
May 8, 2020
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. An out-of-bounds vulnerability exists that may allow access to unauthorized data.
CVE-2020-12014
1Advantech
1Webaccess
Nov 21, 2024
May 8, 2020
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Input is not properly sanitized and may allow an attacker to inject SQL commands.
CVE-2020-12010
1Advantech
1Webaccess
Nov 21, 2024
May 8, 2020
N/A· v4
7.1 HIGH· v3
5.8 MEDIUM· v2
Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Multiple relative path traversal vulnerabilities exist that may allow an authenticated user to use a specially crafted file to delete files outside the ap...Show more
Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Multiple relative path traversal vulnerabilities exist that may allow an authenticated user to use a specially crafted file to delete files outside the application’s control.Show less
CVE-2020-12006
1Advantech
1Webaccess
Nov 21, 2024
May 8, 2020
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Multiple relative path traversal vulnerabilities exist that may allow a low privilege user to overwrite files outside the application’s control.
CVE-2020-12002
1Advantech
1Webaccess
Nov 21, 2024
May 8, 2020
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Multiple stack-based buffer overflow vulnerabilities exist caused by a lack of proper validation of the length of user-supplied data, which may allow remo...Show more
Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Multiple stack-based buffer overflow vulnerabilities exist caused by a lack of proper validation of the length of user-supplied data, which may allow remote code execution.Show less
CVE-2020-10638
1Advantech
1Webaccess
Nov 21, 2024
May 8, 2020
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Multiple heap-based buffer overflow vulnerabilities exist caused by a lack of proper validation of the length of user-supplied data, which may allow remot...Show more
Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Multiple heap-based buffer overflow vulnerabilities exist caused by a lack of proper validation of the length of user-supplied data, which may allow remote code execution.Show less
CVE-2020-10631
1Advantech
1Webaccess/nms
Nov 21, 2024
Apr 9, 2020
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
An attacker could use a specially crafted URL to delete or read files outside the WebAccess/NMS's (versions prior to 3.0.2) control.
CVE-2020-10629
1Advantech
1Webaccess/nms
Nov 21, 2024
Apr 9, 2020
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
WebAccess/NMS (versions prior to 3.0.2) does not sanitize XML input. Specially crafted XML input could allow an attacker to read sensitive files.
CVE-2020-10625
1Advantech
1Webaccess/nms
Nov 21, 2024
Apr 9, 2020
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
WebAccess/NMS (versions prior to 3.0.2) allows an unauthenticated remote user to create a new admin account.
CVE-2020-10623
1Advantech
1Webaccess/nms
Nov 21, 2024
Apr 9, 2020
N/A· v4
6.5 MEDIUM· v3
4.0 MEDIUM· v2
Multiple vulnerabilities could allow an attacker with low privileges to perform SQL injection on WebAccess/NMS (versions prior to 3.0.2) to gain access to sensitive information.
CVE-2020-10619
1Advantech
1Webaccess/nms
Nov 21, 2024
Apr 9, 2020
N/A· v4
9.1 CRITICAL· v3
6.4 MEDIUM· v2
An attacker could use a specially crafted URL to delete files outside the WebAccess/NMS's (versions prior to 3.0.2) control.
CVE-2020-10617
1Advantech
1Webaccess/nms
Nov 21, 2024
Apr 9, 2020
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
There are multiple ways an unauthenticated attacker could perform SQL injection on WebAccess/NMS (versions prior to 3.0.2) to gain access to sensitive information.
CVE-2020-10603
1Advantech
1Webaccess/nms
Nov 21, 2024
Apr 9, 2020
N/A· v4
8.8 HIGH· v3
6.5 MEDIUM· v2
WebAccess/NMS (versions prior to 3.0.2) does not properly sanitize user input and may allow an attacker to inject system commands remotely.
CVE-2020-10621
1Advantech
1Webaccess/nms
Nov 21, 2024
Apr 9, 2020
N/A· v4
9.8 CRITICAL· v3
10.0 HIGH· v2
Multiple issues exist that allow files to be uploaded and executed on the WebAccess/NMS (versions prior to 3.0.2).
CVE-2019-3942
1Advantech
1Webaccess
Nov 21, 2024
Apr 1, 2020
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
Advantech WebAccess 8.3.4 does not properly restrict an RPC call that allows unauthenticated, remote users to read files. An attacker can use this vulnerability to recover the administrator password.
CVE-2020-10607
1Advantech
1Webaccess
Nov 21, 2024
Mar 27, 2020
N/A· v4
8.8 HIGH· v3
6.5 MEDIUM· v2
In Advantech WebAccess, Versions 8.4.2 and prior. A stack-based buffer overflow vulnerability caused by a lack of proper validation of the length of user-supplied data may allow remote code execution.
CVE-2019-18257
1Advantech
1Diaganywhere
Nov 21, 2024
Dec 17, 2019
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
In Advantech DiagAnywhere Server, Versions 3.07.11 and prior, multiple stack-based buffer overflow vulnerabilities exist in the file transfer service listening on the TCP port. Successful exploitation could allow an unau...Show more
In Advantech DiagAnywhere Server, Versions 3.07.11 and prior, multiple stack-based buffer overflow vulnerabilities exist in the file transfer service listening on the TCP port. Successful exploitation could allow an unauthenticated attacker to execute arbitrary code with the privileges of the user running DiagAnywhere Server.Show less
CVE-2019-3951
1Advantech
1Webaccess
Nov 21, 2024
Dec 12, 2019
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
Advantech WebAccess before 8.4.3 allows unauthenticated remote attackers to execute arbitrary code or cause a denial of service (memory corruption) due to a stack-based buffer overflow when handling IOCTL 70533 RPC messa...Show more
Advantech WebAccess before 8.4.3 allows unauthenticated remote attackers to execute arbitrary code or cause a denial of service (memory corruption) due to a stack-based buffer overflow when handling IOCTL 70533 RPC messages.Show less
CVE-2019-18229
1Advantech
1Wise Paas/rmm
Nov 21, 2024
Oct 31, 2019
N/A· v4
6.5 MEDIUM· v3
4.0 MEDIUM· v2
Advantech WISE-PaaS/RMM, Versions 3.3.29 and prior. Lack of sanitization of user-supplied input cause SQL injection vulnerabilities. An attacker can leverage these vulnerabilities to disclose information.
CVE-2019-18227
1Advantech
1Wise Paas/rmm
Nov 21, 2024
Oct 31, 2019
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
Advantech WISE-PaaS/RMM, Versions 3.3.29 and prior. XXE vulnerabilities exist that may allow disclosure of sensitive data.