15 matches found
Advantech ADAM-5550 Weak Encoding For Password (CVE-2024-37187)
Advantech ADAM-5550 share user credentials with a low level of encryption, consisting of base 64 encoding. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description...
EUVD-2024-37259
Malicious code in bioql PyPI...
EUVD-2024-36489
Malicious code in bioql PyPI...
CVE-2024-37187
Advantech ADAM-5550 share user credentials with a low level of encryption, consisting of base 64 encoding...
The vulnerability of the microprogrammed logic controller Advantech ADAM 5550, related to the lack of protective measures for the website structure, allows attackers to carry out cross-site scripting attacks.
The vulnerability of the microprogrammed logic controller Advantech ADAM 5550 lies in the lack of measures taken to protect the website structure. Exploiting this vulnerability could allow a malicious actor to perform cross-site scripting attacks remotely...
CVE-2024-38308
Advantech ADAM 5550's web application includes a "logs" page where all the HTTP requests received are displayed to the user. The device doesn't correctly neutralize malicious code when parsing HTTP requests to generate page output...
Advantech ADAM-5550 Information Disclosure Vulnerability
Advantech ADAM-5550 is a programmable automation controller from Advantech, China. The Advantech ADAM-5550 suffers from an information disclosure vulnerability due to a flaw in base64 encoding for sharing user credentials. An attacker can exploit this vulnerability to obtain credential informatio...
CVE-2024-37187
Advantech ADAM-5550 share user credentials with a low level of encryption, consisting of base 64 encoding...
CVE-2024-38308
Advantech ADAM 5550's web application includes a "logs" page where all the HTTP requests received are displayed to the user. The device doesn't correctly neutralize malicious code when parsing HTTP requests to generate page output...
CVE-2024-38308 Advantech ADAM-5550 Cross-site Scripting
Advantech ADAM 5550's web application includes a "logs" page where all the HTTP requests received are displayed to the user. The device doesn't correctly neutralize malicious code when parsing HTTP requests to generate page output...
CVE-2024-38308
CVE-2024-38308 affects Advantech ADAM-5550. The vulnerability is a Cross-Site Scripting issue on the device’s web application “logs” page where HTTP requests are displayed without proper neutralization of malicious code, enabling potential web content injection. Connected sources confirm affected...
CVE-2024-38308 Advantech ADAM-5550 Cross-site Scripting
Advantech ADAM 5550's web application includes a "logs" page where all the HTTP requests received are displayed to the user. The device doesn't correctly neutralize malicious code when parsing HTTP requests to generate page output...
CVE-2024-37187
CVE-2024-37187 affects Advantech ADAM-5550. Vulnerability: weak encoding for passwords via base64, exposing credentials. Affected: ADAM-5550 (all versions). Impact: potential credential disclosure; confidentiality at high risk. Mitigation: upgrade to ADAM-5630 firmware v2.5.2+ per ICS advisory. N...
CVE-2024-37187 Advantech ADAM-5550 Weak Encoding for Password
Advantech ADAM-5550 share user credentials with a low level of encryption, consisting of base 64 encoding...
PT-2024-27936 · Advantech · Advantech Adam 5550
Name of the Vulnerable Software and Affected Versions: Advantech ADAM 5550 affected versions not specified Description: The device's web application includes a "logs" page where all HTTP requests received are displayed to the user. However, it fails to correctly neutralize malicious code when...