Lucene search
K

41 matches found

NVD
NVD
added 2024/09/27 6:15 p.m.8 views

CVE-2024-34542

Advantech ADAM-5630 shares user credentials plain text between the device and the user source device during the login process...

6.9CVSS0.00215EPSS
Exploits0References1
NVD
NVD
added 2024/09/27 6:15 p.m.12 views

CVE-2024-28948

Advantech ADAM-5630 contains a cross-site request forgery CSRF vulnerability. It allows an attacker to partly circumvent the same origin policy, which is designed to prevent different websites from interfering with each other...

8.8CVSS0.00207EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/09/27 5:48 p.m.14 views

CVE-2024-39364 Advantech ADAM-5630 Missing Authentication for Critical Function

Advantech ADAM-5630 has built-in commands that can be executed without authenticating the user. These commands allow for restarting the operating system, rebooting the hardware, and stopping the execution. The commands can be sent to a simple HTTP request and are executed by the device...

7CVSS7.3AI score0.00215EPSS
Exploits0References1
CVE
CVE
added 2024/09/27 5:48 p.m.51 views

CVE-2024-39364

CVE-2024-39364 concerns Advantech ADAM-5630. Connected sources confirm missing authentication for built-in commands that can be triggered via a simple HTTP request, enabling actions such as restarting the OS, rebooting the device, and stopping execution. The root cause is lack of access control f...

7CVSS6.9AI score0.00215EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/09/27 5:48 p.m.18 views

CVE-2024-39364 Advantech ADAM-5630 Missing Authentication for Critical Function

Advantech ADAM-5630 has built-in commands that can be executed without authenticating the user. These commands allow for restarting the operating system, rebooting the hardware, and stopping the execution. The commands can be sent to a simple HTTP request and are executed by the device...

7CVSS0.00215EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/09/27 5:45 p.m.14 views

CVE-2024-34542 Advantech ADAM-5630 Weak Encoding for Password

Advantech ADAM-5630 shares user credentials plain text between the device and the user source device during the login process...

6.9CVSS7AI score0.00215EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/09/27 5:45 p.m.17 views

CVE-2024-34542 Advantech ADAM-5630 Weak Encoding for Password

Advantech ADAM-5630 shares user credentials plain text between the device and the user source device during the login process...

6.9CVSS0.00215EPSS
Exploits0References1
CVE
CVE
added 2024/09/27 5:45 p.m.49 views

CVE-2024-34542

CVE-2024-34542 affects Advantech ADAM-5630. Technical details across sources show that user credentials are transmitted in plain text during login due to weak encoding, exposing confidentiality risk (CVE-2024-34542). Affected product: Advantech ADAM-5630; vulnerable component/function involves th...

6.9CVSS6.1AI score0.00215EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/09/27 5:41 p.m.14 views

CVE-2024-28948 Advantech ADAM-5630 Cross-Site Request Forgery

Advantech ADAM-5630 contains a cross-site request forgery CSRF vulnerability. It allows an attacker to partly circumvent the same origin policy, which is designed to prevent different websites from interfering with each other...

8.5CVSS7AI score0.00207EPSS
Exploits0References1
CVE
CVE
added 2024/09/27 5:41 p.m.54 views

CVE-2024-28948

The CVE-2024-28948 entry describes a CSRF vulnerability in Advantech ADAM-5630. Affected product: ADAM-5630 (pre-2.5.2). Root cause: cross-site request forgery (CWE-352) enabling an attacker to partly bypass same-origin policy. Reported impact: high impact to confidentiality, integrity, and avail...

8.8CVSS8.1AI score0.00207EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/09/27 5:38 p.m.28 views

CVE-2024-39275 Advantech ADAM-5630 Use of Persistent Cookies Containing Sensitive Information

Cookies of authenticated Advantech ADAM-5630 users remain as active valid cookies when a session is closed. Forging requests with a legitimate cookie, even if the session was terminated, allows an unauthorized attacker to act with the same level of privileges of the legitimate user...

8.5CVSS0.00391EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/09/27 5:38 p.m.15 views

CVE-2024-39275 Advantech ADAM-5630 Use of Persistent Cookies Containing Sensitive Information

Cookies of authenticated Advantech ADAM-5630 users remain as active valid cookies when a session is closed. Forging requests with a legitimate cookie, even if the session was terminated, allows an unauthorized attacker to act with the same level of privileges of the legitimate user...

8.5CVSS6.7AI score0.00391EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/09/27 12:0 a.m.5 views

Advantech ADAM-5630 安全漏洞

The Advantech ADAM-5630 is an edge intelligent data acquisition controller from Advantech China. A security vulnerability exists in the Advantech ADAM-5630 that originates from user credentials being shared in plain text between the device and the user source device during the login process...

6.9CVSS6.7AI score0.00215EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/09/27 12:0 a.m.5 views

Advantech ADAM-5630 安全漏洞

Advantech ADAM-5630 is an edge intelligent data acquisition controller from Advantech, China. The Advantech ADAM-5630 suffers from an Access Control Error vulnerability that originates from an authenticated user's cookie being retained as a valid cookie even after the session is closed. An attack...

8.8CVSS6.7AI score0.00391EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/09/27 12:0 a.m.6 views

Advantech ADAM-5630 访问控制错误漏洞

The Advantech ADAM-5630 is an Edge Intelligent Data Acquisition Controller from Advantech China. The Advantech ADAM-5630 suffers from an access control error vulnerability that originates from the ability to execute built-in commands without authentication via a specially crafted request...

7CVSS7.2AI score0.00215EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/09/27 12:0 a.m.4 views

Advantech ADAM-5630 跨站请求伪造漏洞

The Advantech ADAM-5630 is an Edge Intelligent Data Acquisition Controller from Advantech, China. The Advantech ADAM-5630 suffers from a cross-site request forgery vulnerability that stems from a cross-site request forgery issue included in the product...

8.8CVSS6.7AI score0.00207EPSS
Exploits0References2
ICS
ICS
added 2024/09/26 6:0 a.m.38 views

Advantech ADAM 5630

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.5 ATTENTION : Low attack complexity Vendor : Advantech Equipment : ADAM-5630 Vulnerabilities : Use of Persistent Cookies Containing Sensitive Information 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to hijack a...

8.8CVSS7.7AI score0.00391EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added 2024/09/18 12:0 a.m.3 views

PT-2024-6551 · Advantech · Adam-5630

Name of the Vulnerable Software and Affected Versions: Advantech ADAM-5630 affected versions not specified Description: The issue concerns the cookies of authenticated Advantech ADAM-5630 users, which remain active and valid even after a session is closed. This allows an unauthorized attacker to...

8.8CVSS7.1AI score0.00391EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added 2024/09/18 12:0 a.m.3 views

PT-2024-6491 · Advantech · Adam-5630

Name of the Vulnerable Software and Affected Versions: Advantech ADAM-5630 affected versions not specified Description: The issue is related to a cross-site request forgery CSRF vulnerability, which allows an attacker to partly circumvent the same origin policy. This policy is designed to prevent...

8.8CVSS7.1AI score0.00207EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2024/06/26 12:0 a.m.4 views

PT-2024-6690 · Advantech · Adam-5630

Name of the Vulnerable Software and Affected Versions: Advantech ADAM-5630 affected versions not specified Description: The issue is related to the transmission of user credentials in plain text between the device and the user source device during the login process. This is due to the use of weak...

6.9CVSS6.8AI score0.00215EPSS
Exploits0References10
Rows per page
Query Builder