CVE-2025-46268 Advantech WebAccess/SCADA SQL Injection

Advantech WebAccess/SCADA is vulnerable to SQL injection, which may allow an attacker to execute arbitrary SQL commands...

CVE-2025-46268 Advantech WebAccess/SCADA SQL Injection

Advantech WebAccess/SCADA is vulnerable to SQL injection, which may allow an attacker to execute arbitrary SQL commands...

CVE-2025-46268

CVE-2025-46268 affects Advantech WebAccess/SCADA. The vulnerability is a SQL injection in the WebAccess/SCADA system that could allow an attacker to execute arbitrary SQL commands against the vulnerable database. The available connected sources corroborate the issue, describing it specifically as...

CVE-2025-14848 Advantech WebAccess/SCADA Absolute Path Traversal

Advantech WebAccess/SCADA is vulnerable to absolute directory traversal, which may allow an attacker to determine the existence of arbitrary files...

CVE-2025-14848 Advantech WebAccess/SCADA Absolute Path Traversal

Advantech WebAccess/SCADA is vulnerable to absolute directory traversal, which may allow an attacker to determine the existence of arbitrary files...

CVE-2025-14848

Advantech WebAccess/SCADA is affected by an absolute directory traversal vulnerability that may allow an attacker to determine the existence of arbitrary files. Affected product: Advantech WebAccess/SCADA. Root cause: absolute path traversal leading to potential information disclosure. Impact: al...

CVE-2025-14849 Advantech WebAccess/SCADA Unrestricted Upload of File with Dangerous Type

Advantech WebAccess/SCADA is vulnerable to unrestricted file upload, which may allow an attacker to remotely execute arbitrary code...

CVE-2025-14849

CVE-2025-14849 affects Advantech WebAccess/SCADA. The vulnerability is an unrestricted file upload that could allow remote code execution. Public details in the provided documents do not specify affected versions or a patch; exploitation details are not disclosed.

CVE-2025-14850 Advantech WebAccess/SCADA Improper Limitation of a Pathname to a Restricted Directory

Advantech WebAccess/SCADA is vulnerable to directory traversal, which may allow an attacker to delete arbitrary files...

CVE-2025-14850 Advantech WebAccess/SCADA Improper Limitation of a Pathname to a Restricted Directory

Advantech WebAccess/SCADA is vulnerable to directory traversal, which may allow an attacker to delete arbitrary files...

CVE-2025-14850

Affected product: Advantech WebAccess/SCADA. Vulnerability: directory traversal in WebAccess/SCADA that may allow an attacker to delete arbitrary files. Root cause: unrestricted directory traversal path handling as described across multiple sources (CVE-2025-14850). Impact: potential deletion of ...

CISA Releases Nine Industrial Control Systems Advisories

CISA released nine Industrial Control Systems ICS Advisories. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-352-01 Inductive Automation Ignition ICSA-25-352-02 Schneider Electric EcoStruxure Foxboro DCS Advisor...

Advantech WebAccess/SCADA 代码问题漏洞

Advantech WebAccess/SCADA is a set of SCADA software based on browser architecture from Advantech, China. The software supports dynamic graphical display and real-time data control, and provides remote control and management of automation equipment. A code issue vulnerability exists in Advantech...

PT-2025-52336

Name of the Vulnerable Software and Affected Versions Advantech WebAccess/SCADA affected versions not specified Description Advantech WebAccess/SCADA is susceptible to a directory traversal issue. This could allow an attacker to delete arbitrary files. Recommendations At the moment, there is no...

Advantech WebAccess/SCADA 安全漏洞

Advantech WebAccess/SCADA is a set of SCADA software based on browser architecture from Advantech, China. The software supports dynamic graphical display and real-time data control, and provides remote control and management of automation equipment. Advantech WebAccess/SCADA suffers from a...

Advantech WebAccess/SCADA 路径遍历漏洞

Advantech WebAccess/SCADA is a set of SCADA software based on browser architecture from Advantech, China. The software supports dynamic graphical display and real-time data control, and provides remote control and management of automation equipment. Advantech WebAccess/SCADA suffers from a...

PT-2025-52335

Name of the Vulnerable Software and Affected Versions Advantech WebAccess/SCADA affected versions not specified Description Advantech WebAccess/SCADA is susceptible to a file upload issue that does not have restrictions. This could allow a remote attacker to execute code. The issue may allow for...

PT-2025-52348

Name of the Vulnerable Software and Affected Versions Advantech WebAccess/SCADA affected versions not specified Description Advantech WebAccess/SCADA is susceptible to a directory traversal issue. This could allow an attacker to determine if files exist on the system. Recommendations At the momen...

Advantech WebAccess/VPN AjaxNetworkController.ajaxAction Function SQL Injection Vulnerability

Advantech WebAccess/VPN is a virtual private network feature integrated in Advantech WebAccess/SCADA software, designed to provide a secure and reliable network connectivity solution for industrial automation and remote monitoring systems. Advantech WebAccess/VPN suffers from a SQL injection...

Advantech WebAccess/VPN NetworksController.addNetworkAction function cross-site scripting vulnerability

Advantech WebAccess/VPN is a virtual private network feature integrated in Advantech WebAccess/SCADA software, designed to provide a secure and reliable network connectivity solution for industrial automation and remote monitoring systems. Advantech WebAccess/VPN suffers from a cross-site scripti...