Lucene search
+L

177 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 7:11 p.m.8 views

CVE-2021-21805

An OS Command Injection vulnerability exists in the ping.php script functionality of Advantech R-SeeNet v 2.4.12 20.10.2020. A specially crafted HTTP request can lead to arbitrary OS command execution. An attacker can send a crafted HTTP request to trigger this vulnerability...

10CVSS7.4AI score0.69631EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:11 p.m.6 views

CVE-2021-21801

This vulnerability is present in devicegraphpage.php script, which is a part of the Advantech R-SeeNet web applications. A specially crafted URL by an attacker and visited by a victim can lead to arbitrary JavaScript code execution...

9.6CVSS6.9AI score0.63415EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:11 p.m.6 views

CVE-2021-21800

Cross-site scripting vulnerabilities exist in the sshform.php script functionality of Advantech R-SeeNet v 2.4.12 20.10.2020. If a user visits a specially crafted URL, it can lead to arbitrary JavaScript code execution in the context of the targeted user’s browser. An attacker can provide a craft...

9.6CVSS7AI score0.14115EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:11 p.m.9 views

CVE-2021-21802

This vulnerability is present in devicegraphpage.php script, which is a part of the Advantech R-SeeNet web applications. A specially crafted URL by an attacker and visited by a victim can lead to arbitrary JavaScript code execution...

9.6CVSS6.9AI score0.099EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:20 p.m.6 views

CVE-2021-21912

A privilege escalation vulnerability exists in the Windows version of installation for Advantech R-SeeNet Advantech R-SeeNet 2.4.15 30.07.2021. A specially-crafted file can be replaced in the system to escalate privileges to NT SYSTEM authority. An attacker can provide a malicious file to trigger...

8.8CVSS7.3AI score0.00378EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:19 p.m.8 views

CVE-2021-21799

Cross-site scripting vulnerabilities exist in the telnetform.php script functionality of Advantech R-SeeNet v 2.4.12 20.10.2020. If a user visits a specially crafted URL, it can lead to arbitrary JavaScript code execution in the context of the targeted user’s browser. An attacker can provide a...

9.6CVSS7AI score0.12293EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/02/06 12:50 a.m.11 views

CVE-2022-3385

Advantech R-SeeNet Versions 2.4.17 and prior are vulnerable to a stack-based buffer overflow. An unauthorized attacker can remotely overflow the stack buffer and enable remote code execution...

9.8CVSS7.9AI score0.01202EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/06 12:46 a.m.11 views

CVE-2022-3386

Advantech R-SeeNet Versions 2.4.17 and prior are vulnerable to a stack-based buffer overflow. An unauthorized attacker can use an outsized filename to overflow the stack buffer and enable remote code execution...

9.8CVSS7.9AI score0.01202EPSS
Exploits0References1
VulnCheck KEV
VulnCheck KEV
added 2023/12/24 12:0 a.m.5 views

VulnCheck KEV: CVE-2021-21805

An OS Command Injection vulnerability exists in the ping.php script functionality of Advantech R-SeeNet v 2.4.12 20.10.2020. A specially crafted HTTP request can lead to arbitrary OS command execution. An attacker can send a crafted HTTP request to trigger this vulnerability...

10CVSS7.4AI score0.69631EPSS
Exploits1References1
CNVD
CNVD
added 2023/10/23 12:0 a.m.34 views

Advantech R-SeeNet Information Disclosure Vulnerability

Advantech R-SeeNet is an industrial monitoring software from Advantech, China. An information disclosure vulnerability exists in Advantech R-SeeNet, which can be exploited by an attacker to obtain login credentials and the default SNMP group string from the snmpmon.ini file and use this informati...

9.8CVSS6.2AI score0.16652EPSS
Exploits1References1
BDU FSTEC
BDU FSTEC
added 2023/10/19 12:0 a.m.8 views

The vulnerability of the monitoring software for the status and functions of Advantech R-SeeNet routers lies in the lack of protection for operational data. This allows a hacker to gain access to the database by reading and writing data in the snmpmon.ini file.

The vulnerability of the monitoring software for the status and functions of Advantech R-SeeNet routers lies in the lack of protection for operational data. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain access to the database by reading and writing data ...

10CVSS7.8AI score0.16652EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2023/10/18 3:4 p.m.26 views

CVE-2023-5642 Advantech R-SeeNet Unauthenticated Read/Write

Advantech R-SeeNet v2.4.23 allows an unauthenticated remote attacker to read from and write to the snmpmon.ini file, which contains sensitive information...

9.8CVSS9.6AI score0.16652EPSS
Exploits1References1
CNNVD
CNNVD
added 2023/10/18 12:0 a.m.8 views

Advantech R-SeeNet 安全漏洞

Advantech R-SeeNet is an industrial monitoring software from Advantech, China. An information disclosure vulnerability exists in Advantech R-SeeNet, which can be exploited by an attacker to obtain login credentials and the default SNMP group string from the snmpmon.ini file and use this informati...

9.8CVSS6.2AI score0.16652EPSS
Exploits1References2
Zero Day Initiative
Zero Day Initiative
added 2023/08/21 12:0 a.m.26 views

Advantech R-SeeNet Use Of Hard-Coded Credentials Authentication Bypass Vulnerability

This vulnerability allows remote attackers to bypass authentication on affected installations of Advantech R-SeeNet. Authentication is not required to exploit this vulnerability. The specific flaw exists within the configuration of the database. The issue results from the existence of an addition...

9.8CVSS6.9AI score0.00668EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2023/08/21 12:0 a.m.39 views

Advantech R-SeeNet device_status Local File Inclusion Privilege Escalation Vulnerability

This vulnerability allows remote attackers to escalate privileges on affected installations of Advantech R-SeeNet. Authentication is required to exploit this vulnerability. The specific flaw exists within the devicestatus page. The issue results from the lack of proper validation of user-supplied...

8.8CVSS6.8AI score0.00647EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2023/07/20 12:0 a.m.7 views

The vulnerability of the monitoring software for the status and functions of Advantech R-SeeNet routers allows a intruder to gain unauthorized access to local files.

The vulnerability of the monitoring software for the functions and status of Advantech R-SeeNet routers is related to improper external manipulation of the file name or file path. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to local...

9CVSS7.4AI score0.00647EPSS
Exploits0References4Affected Software1
CNVD
CNVD
added 2023/06/27 12:0 a.m.7 views

Advantech R-SeeNet Trust Management Issue Vulnerability

Advantech R-SeeNet is an industrial monitoring software from Advantech, China. A security vulnerability exists in Advantech R-SeeNet, which can be exploited by an authenticated, remote attacker to submit a special request for unauthorized access to the system...

9.8CVSS6.8AI score0.00668EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2023/06/27 12:0 a.m.9 views

The vulnerability of the monitoring software for the status and functions of Advantech R-SeeNet routers lies in the possibility of using strictly encrypted login data, which allows a hacker to gain increased privileges.

The vulnerability of the monitoring software for the status and functions of Advantech R-SeeNet routers lies in the possibility of using strictly encrypted login data. Exploiting this vulnerability could allow a malicious actor to gain increased privileges...

10CVSS7.7AI score0.00668EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2023/06/22 5:15 p.m.6 views

CVE-2023-3256

Advantech R-SeeNet versions 2.4.22 allows low-level users to access and load the content of local files...

8.1CVSS5.8AI score0.00647EPSS
Exploits0References1
NVD
NVD
added 2023/06/22 5:15 p.m.37 views

CVE-2023-2611

Advantech R-SeeNet versions 2.4.22 is installed with a hidden root-level user that is not available in the users list. This hidden user has a password that cannot be changed by users...

9.8CVSS9.6AI score0.00668EPSS
Exploits0References1
Rows per page
Query Builder