Advantech ADAM-5630 Missing Authentication for Critical Function (CVE-2024-39364)

Advantech ADAM-5630 has built-in commands that can be executed without authenticating the user. These commands allow for restarting the operating system, rebooting the hardware, and stopping the execution. The commands can be sent to a simple HTTP request and are executed by the device...

Advantech ADAM-5630 Use of Persistent Cookies Containing Sensitive Information (CVE-2024-39275)

Cookies of authenticated Advantech ADAM-5630 users remain as active valid cookies when a session is closed. Forging requests with a legitimate cookie, even if the session was terminated, allows an unauthorized attacker to act with the same level of privileges of the legitimate user. This plugin...

Advantech ADAM-5630 Cross-Site Request Forgery (CVE-2024-28948)

Advantech ADAM-5630 contains a cross-site request forgery CSRF vulnerability. It allows an attacker to partly circumvent the same origin policy, which is designed to prevent different websites from interfering with each other. This plugin only works with Tenable.ot. Please visit...

Advantech ADAM-5630 Weak Encoding For Password (CVE-2024-34542)

Advantech ADAM-5630 shares user credentials plain text between the device and the user source device during the login process. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc...

CVE-2024-34542

Advantech ADAM-5630 shares user credentials plain text between the device and the user source device during the login process...

CVE-2024-39364

Advantech ADAM-5630 has built-in commands that can be executed without authenticating the user. These commands allow for restarting the operating system, rebooting the hardware, and stopping the execution. The commands can be sent to a simple HTTP request and are executed by the device...

EUVD-2024-34433

Malicious code in bioql PyPI...

EUVD-2024-34846

Malicious code in bioql PyPI...

EUVD-2024-37920

Malicious code in bioql PyPI...

CVE-2024-28948

Advantech ADAM-5630 contains a cross-site request forgery CSRF vulnerability. It allows an attacker to partly circumvent the same origin policy, which is designed to prevent different websites from interfering with each other...

Advantech ADAM-5630 Access Control Error Vulnerability

Advantech ADAM-5630 is an edge intelligent data acquisition controller from Advantech, China. The Advantech ADAM-5630 suffers from an Access Control Error vulnerability that originates from an authenticated user's cookie being retained as a valid cookie even after the session is closed. An attack...

Advantech ADAM-5630 Cross-Site Request Forgery Vulnerability

Advantech ADAM-5630 is an edge intelligent data acquisition controller from Advantech, China. The Advantech ADAM-5630 suffers from a cross-site request forgery vulnerability that is caused by improper validation of user-supplied input. An attacker could use this vulnerability to perform...

Advantech ADAM-5630 Information Disclosure Vulnerability

Advantech ADAM-5630 is an edge intelligent data acquisition controller from Advantech, China. The Advantech ADAM-5630 suffers from an information disclosure vulnerability that is caused by a flaw in sharing user credentials in plain text. An attacker can exploit the vulnerability to obtain...

Advantech ADAM-5630 Access Control Error Vulnerability

Advantech ADAM-5630 is an edge intelligent data acquisition controller from Advantech, China. An Access Control Error vulnerability exists in the Advantech ADAM-5630, which can be exploited by an attacker to execute arbitrary commands on the system...

CVE-2024-39275

Cookies of authenticated Advantech ADAM-5630 users remain as active valid cookies when a session is closed. Forging requests with a legitimate cookie, even if the session was terminated, allows an unauthorized attacker to act with the same level of privileges of the legitimate user...

CVE-2024-39364

Advantech ADAM-5630 has built-in commands that can be executed without authenticating the user. These commands allow for restarting the operating system, rebooting the hardware, and stopping the execution. The commands can be sent to a simple HTTP request and are executed by the device...

CVE-2024-39275

Cookies of authenticated Advantech ADAM-5630 users remain as active valid cookies when a session is closed. Forging requests with a legitimate cookie, even if the session was terminated, allows an unauthorized attacker to act with the same level of privileges of the legitimate user...

CVE-2024-34542

Advantech ADAM-5630 shares user credentials plain text between the device and the user source device during the login process...

CVE-2024-28948

Advantech ADAM-5630 contains a cross-site request forgery CSRF vulnerability. It allows an attacker to partly circumvent the same origin policy, which is designed to prevent different websites from interfering with each other...

CVE-2024-39364 Advantech ADAM-5630 Missing Authentication for Critical Function

Advantech ADAM-5630 has built-in commands that can be executed without authenticating the user. These commands allow for restarting the operating system, rebooting the hardware, and stopping the execution. The commands can be sent to a simple HTTP request and are executed by the device...