Advantech ADAM-5550 Weak Encoding For Password (CVE-2024-37187)

Advantech ADAM-5550 share user credentials with a low level of encryption, consisting of base 64 encoding. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description...

Advantech ADAM-5550 Weak Encoding For Password (CVE-2024-37187)

Advantech ADAM 5550's web application includes a 'logs' page where all the HTTP requests received are displayed to the user. The device doesn't correctly neutralize malicious code when parsing HTTP requests to generate page output This plugin only works with Tenable.ot. Please visit...

EUVD-2024-37259

Malicious code in bioql PyPI...

EUVD-2024-36489

Malicious code in bioql PyPI...

CVE-2024-37187

Advantech ADAM-5550 share user credentials with a low level of encryption, consisting of base 64 encoding...

CVE-2024-38308

Advantech ADAM 5550's web application includes a "logs" page where all the HTTP requests received are displayed to the user. The device doesn't correctly neutralize malicious code when parsing HTTP requests to generate page output...

Advantech ADAM-5550 Information Disclosure Vulnerability

Advantech ADAM-5550 is a programmable automation controller from Advantech, China. The Advantech ADAM-5550 suffers from an information disclosure vulnerability due to a flaw in base64 encoding for sharing user credentials. An attacker can exploit this vulnerability to obtain credential informatio...

CVE-2024-37187

Advantech ADAM-5550 share user credentials with a low level of encryption, consisting of base 64 encoding...

CVE-2024-38308

Advantech ADAM 5550's web application includes a "logs" page where all the HTTP requests received are displayed to the user. The device doesn't correctly neutralize malicious code when parsing HTTP requests to generate page output...

CVE-2024-38308 Advantech ADAM-5550 Cross-site Scripting

Advantech ADAM 5550's web application includes a "logs" page where all the HTTP requests received are displayed to the user. The device doesn't correctly neutralize malicious code when parsing HTTP requests to generate page output...

CVE-2024-38308 Advantech ADAM-5550 Cross-site Scripting

Advantech ADAM 5550's web application includes a "logs" page where all the HTTP requests received are displayed to the user. The device doesn't correctly neutralize malicious code when parsing HTTP requests to generate page output...

CVE-2024-38308

CVE-2024-38308 affects Advantech ADAM-5550. The vulnerability is a Cross-Site Scripting issue on the device’s web application “logs” page where HTTP requests are displayed without proper neutralization of malicious code, enabling potential web content injection. Connected sources confirm affected...

CVE-2024-37187

CVE-2024-37187 affects Advantech ADAM-5550. Vulnerability: weak encoding for passwords via base64, exposing credentials. Affected: ADAM-5550 (all versions). Impact: potential credential disclosure; confidentiality at high risk. Mitigation: upgrade to ADAM-5630 firmware v2.5.2+ per ICS advisory. N...

CVE-2024-37187 Advantech ADAM-5550 Weak Encoding for Password

Advantech ADAM-5550 share user credentials with a low level of encryption, consisting of base 64 encoding...

CVE-2024-37187 Advantech ADAM-5550 Weak Encoding for Password

Advantech ADAM-5550 share user credentials with a low level of encryption, consisting of base 64 encoding...

Advantech ADAM-5550 跨站脚本漏洞

Advantech ADAM-5550 is a programmable automation controller from Advantech, China. The Advantech ADAM-5550 suffers from a cross-site scripting vulnerability that stems from the device failing to properly eliminate malicious code when parsing HTTP requests to generate page output. An attacker can...

Advantech ADAM-5550 安全漏洞

Advantech ADAM-5550 is a programmable automation controller from Advantech, China. The Advantech ADAM-5550 suffers from an information disclosure vulnerability due to a flaw in base64 encoding for sharing user credentials. An attacker can exploit this vulnerability to obtain credential informatio...

Advantech ADAM-5550

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION : Low attack complexity Vendor : Advantech Equipment : ADAM-5550 Vulnerabilities : Weak Encoding for Password, Cross-site Scripting 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow a remote attacker to intercept...

PT-2024-27936 · Advantech · Advantech Adam 5550

Name of the Vulnerable Software and Affected Versions: Advantech ADAM 5550 affected versions not specified Description: The device's web application includes a "logs" page where all HTTP requests received are displayed to the user. However, it fails to correctly neutralize malicious code when...

PT-2024-27363 · Advantech · Advantech Adam 5550

Name of the Vulnerable Software and Affected Versions: Advantech ADAM-5550 affected versions not specified Description: The issue is related to the use of weak encryption algorithms in the Advantech ADAM-5550, specifically base 64 encoding, which can allow an attacker to disclose user credentials...