Advantech ADAM-5630 Use of Persistent Cookies Containing Sensitive Information (CVE-2024-39275)

Cookies of authenticated Advantech ADAM-5630 users remain as active valid cookies when a session is closed. Forging requests with a legitimate cookie, even if the session was terminated, allows an unauthorized attacker to act with the same level of privileges of the legitimate user. This plugin...

Advantech ADAM-5630 Missing Authentication for Critical Function (CVE-2024-39364)

Advantech ADAM-5630 has built-in commands that can be executed without authenticating the user. These commands allow for restarting the operating system, rebooting the hardware, and stopping the execution. The commands can be sent to a simple HTTP request and are executed by the device...

Advantech ADAM-5630 Cross-Site Request Forgery (CVE-2024-28948)

Advantech ADAM-5630 contains a cross-site request forgery CSRF vulnerability. It allows an attacker to partly circumvent the same origin policy, which is designed to prevent different websites from interfering with each other. This plugin only works with Tenable.ot. Please visit...

Advantech ADAM-5630 Weak Encoding For Password (CVE-2024-34542)

Advantech ADAM-5630 shares user credentials plain text between the device and the user source device during the login process. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc...

CVE-2024-34542

Advantech ADAM-5630 shares user credentials plain text between the device and the user source device during the login process...

CVE-2024-39364

Advantech ADAM-5630 has built-in commands that can be executed without authenticating the user. These commands allow for restarting the operating system, rebooting the hardware, and stopping the execution. The commands can be sent to a simple HTTP request and are executed by the device...

EUVD-2024-34433

Malicious code in bioql PyPI...

EUVD-2024-34846

Malicious code in bioql PyPI...

EUVD-2024-37920

Malicious code in bioql PyPI...

CVE-2024-28948

Advantech ADAM-5630 contains a cross-site request forgery CSRF vulnerability. It allows an attacker to partly circumvent the same origin policy, which is designed to prevent different websites from interfering with each other...

The vulnerability of the microprogrammed logic controller (PLC) Advantech ADAM-5630 software lies in the lack of authentication for a critical function. This allows a intruder to execute arbitrary commands and cause malfunctions in the device’s operation.

The vulnerability of the microprogrammed logic controller PLC Advantech ADAM-5630 software is related to the absence of authentication for the critical function. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands and cause malfunctions in the system...

The vulnerability of the microprogrammed logic controller (PLC) Advantech ADAM-5630 software, which stems from the use of weak encryption algorithms, allows a hacker to expose user account information.

The vulnerability of the microprogrammed logic controller PLC Advantech ADAM-5630 software is related to the use of weak encryption algorithms. Exploiting this vulnerability could allow an intruder to obtain user credentials...

The vulnerability of the microprogrammed logic controller (PLC) Advantech ADAM-5630 software, related to the ability to send a cookie session file, allows a intruder to gain unauthorized access to protected information and enhance their privileges.

The vulnerability of the microprogrammed logic controller PLC Advantech ADAM-5630 software is related to the ability to send a cookie session file. Exploiting this vulnerability can allow an intruder to gain unauthorized access to protected information and enhance their privileges...

Advantech ADAM-5630 Access Control Error Vulnerability

Advantech ADAM-5630 is an edge intelligent data acquisition controller from Advantech, China. The Advantech ADAM-5630 suffers from an Access Control Error vulnerability that originates from an authenticated user's cookie being retained as a valid cookie even after the session is closed. An attack...

Advantech ADAM-5630 Cross-Site Request Forgery Vulnerability

Advantech ADAM-5630 is an edge intelligent data acquisition controller from Advantech, China. The Advantech ADAM-5630 suffers from a cross-site request forgery vulnerability that is caused by improper validation of user-supplied input. An attacker could use this vulnerability to perform...

Advantech ADAM-5630 Information Disclosure Vulnerability

Advantech ADAM-5630 is an edge intelligent data acquisition controller from Advantech, China. The Advantech ADAM-5630 suffers from an information disclosure vulnerability that is caused by a flaw in sharing user credentials in plain text. An attacker can exploit the vulnerability to obtain...

Advantech ADAM-5630 Access Control Error Vulnerability

Advantech ADAM-5630 is an edge intelligent data acquisition controller from Advantech, China. An Access Control Error vulnerability exists in the Advantech ADAM-5630, which can be exploited by an attacker to execute arbitrary commands on the system...

CVE-2024-39364

Advantech ADAM-5630 has built-in commands that can be executed without authenticating the user. These commands allow for restarting the operating system, rebooting the hardware, and stopping the execution. The commands can be sent to a simple HTTP request and are executed by the device...

CVE-2024-39275

Cookies of authenticated Advantech ADAM-5630 users remain as active valid cookies when a session is closed. Forging requests with a legitimate cookie, even if the session was terminated, allows an unauthorized attacker to act with the same level of privileges of the legitimate user...

CVE-2024-39275

Cookies of authenticated Advantech ADAM-5630 users remain as active valid cookies when a session is closed. Forging requests with a legitimate cookie, even if the session was terminated, allows an unauthorized attacker to act with the same level of privileges of the legitimate user...