Lucene search
K

1697 matches found

CNNVD
CNNVD
added 2021/08/05 12:0 a.m.3 views

Advantech WebAccess/SCADA 跨站脚本漏洞

Advantech WebAccess/SCADA is a set of SCADA software based on browser architecture from Advantech, Taiwan, China. A cross-site scripting vulnerability exists in Advantech WebAccess/SCADA, which originates from UserExcelOut.asp failing to properly validate the correctness of user data. The...

6.1CVSS5.3AI score0.00642EPSS
Exploits0References4
Gitee
Gitee
added 2021/08/03 4:3 p.m.5 views

Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Advantech Webaccess

This is a PoC Proof of Concept exploit for CVE-2016-0856, a vulnerability in the Windows RPC Remote Procedure Call service. The exploit targets the RpcClient and RpcDcClient classes in the bwconn.dll library. The exploit is written in Python and uses the ctypes library to interact with the Window...

10CVSS8.9AI score0.16655EPSS
Exploits9
Zero Day Initiative
Zero Day Initiative
added 2021/07/19 12:0 a.m.30 views

(0Day) Advantech WebAccess/NMS DashBoardAction Missing Authentication Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Advantech WebAccess/NMS. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of the DashBoardAction endpoint of the web server. The...

5.3CVSS1.8AI score0.0089EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2021/07/05 12:0 a.m.42 views

(0Day) Advantech WebAccess Node BwImgExe Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess Node. Authentication is not required to exploit this vulnerability. The specific flaw exists within BwImgExe.exe, which is accessed through the 0x2711 IOCTL in the webvrpcs proces...

9.8CVSS3.8AI score
Exploits0
Zero Day Initiative
Zero Day Initiative
added 2021/07/05 12:0 a.m.51 views

(0Day) Advantech WebAccess Node BwFreRPT Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess Node. Authentication is not required to exploit this vulnerability. The specific flaw exists within BwFreRPT.exe, which is accessed through the 0x2711 IOCTL in the webvrpcs proces...

9.8CVSS3.6AI score
Exploits0
Zero Day Initiative
Zero Day Initiative
added 2021/06/24 12:0 a.m.33 views

(0Day) Advantech WebAccess/HMI Designer PM3 File Parsing Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess/HMI Designer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within t...

7.8CVSS5AI score0.0095EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
added 2021/06/24 12:0 a.m.27 views

(0Day) Advantech WebAccess/HMI Designer PM3 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess/HMI Designer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within t...

7.8CVSS5.5AI score0.01041EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
added 2021/06/24 12:0 a.m.55 views

(0Day) Advantech WebAccess/HMI Designer SNF File Parsing Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess/HMI Designer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within t...

7.8CVSS5AI score0.0095EPSS
Exploits0
CNNVD
CNNVD
added 2021/06/22 12:0 a.m.3 views

Advantech WebAccess HMI Designer 缓冲区错误漏洞

Advantech WebAccess HMI Designer is a human-machine interface integrated development tool from Advantech of Taiwan, China. WebAccess HMI Designer 2.1.9.95 and earlier versions contain a buffer overflow vulnerability that could be exploited by remote attackers to execute arbitrary code on the targ...

7.8CVSS6.7AI score0.0095EPSS
Exploits0References4
CNNVD
CNNVD
added 2021/06/22 12:0 a.m.2 views

Advantech WebAccess HMI Designer 缓冲区错误漏洞

Advantech WebAccess HMI Designer is a human-machine interface integrated development tool from Advantech of Taiwan, China. WebAccess HMI Designer 2.1.9.95 and earlier versions contain a buffer overflow vulnerability that could be exploited by remote attackers to trigger out-of-bounds writes and...

7.8CVSS6.7AI score0.0097EPSS
Exploits0References4
CNNVD
CNNVD
added 2021/06/22 12:0 a.m.4 views

Advantech WebAccess HMI Designer 缓冲区错误漏洞

Advantech WebAccess HMI Designer is a human-machine interface integrated development tool from Advantech of Taiwan, China. WebAccess HMI Designer 2.1.9.95 and earlier versions contain a security vulnerability that could be exploited by remote attackers to trigger a heap-based buffer overflow and...

7.8CVSS6.6AI score0.01041EPSS
Exploits0References4
OSV
OSV
added 2021/06/18 2:15 p.m.3 views

CVE-2021-32956

Advantech WebAccess/SCADA Versions 9.0.1 and prior is vulnerable to redirection, which may allow an attacker to send a maliciously crafted URL that could result in redirecting a user to a malicious webpage...

6.1CVSS5.8AI score
Exploits0References1
Prion
Prion
added 2021/06/18 2:15 p.m.13 views

Directory traversal

Advantech WebAccess/SCADA Versions 9.0.1 and prior is vulnerable to a directory traversal, which may allow an attacker to remotely read arbitrary files on the file system...

6.8CVSS6.4AI score0.02077EPSS
Exploits0References1Affected Software1
CNVD
CNVD
added 2021/06/18 12:0 a.m.8 views

Advantech WebAccess/SCADA Open Redirect Vulnerability

Advantech WebAccess/SCADA is a suite of SCADA software from Advantech based on a browser architecture. The software supports dynamic graphical displays and real-time data control, and provides the ability to remotely control and manage automation equipment. An open redirection vulnerability exist...

6.1CVSS6.6AI score0.00699EPSS
Exploits0References1
CNVD
CNVD
added 2021/06/18 12:0 a.m.5 views

Advantech WebAccess/SCADA Relative Path Traversal Vulnerability

Advantech WebAccess/SCADA is a suite of SCADA software from Advantech based on a browser architecture. The software supports dynamic graphical displays and real-time data control, and provides the ability to remotely control and manage automation equipment. A relative path traversal vulnerability...

6.8CVSS6.8AI score0.02077EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/06/17 12:0 a.m.4 views

Advantech WebAccess/SCADA 路径遍历漏洞

Advantech WebAccess/SCADA is a suite of SCADA software from Advantech based on a browser architecture. The software supports dynamic graphical displays and real-time data control, and provides the ability to remotely control and manage automation equipment. A relative path traversal vulnerability...

6.8CVSS5.9AI score0.02077EPSS
Exploits0References5
CNVD
CNVD
added 2021/06/17 12:0 a.m.6 views

Advantech WebAccess Cross-Site Scripting Vulnerability (CNVD-2021-42395)

Advantech WebAccess is a set of HMI/SCADA software based on browser architecture from Advantech, Taiwan, China. The software supports dynamic graphic display and real-time data control, and provides remote control and management of automation equipment. A security vulnerability exists in Advantec...

6.1CVSS5.9AI score0.00867EPSS
Exploits1References1
CNNVD
CNNVD
added 2021/06/17 12:0 a.m.4 views

Advantech WebAccess/SCADA 输入验证错误漏洞

Advantech WebAccess/SCADA is a suite of SCADA software from Advantech based on a browser architecture. The software supports dynamic graphical displays and real-time data control, and provides the ability to remotely control and manage automation equipment. An open redirection vulnerability exist...

6.1CVSS5.7AI score0.00699EPSS
Exploits0References5
OSV
OSV
added 2021/06/11 12:15 p.m.3 views

CVE-2021-34540

Advantech WebAccess 8.4.2 and 8.4.4 allows XSS via the username column of the bwRoot.asp page of WADashboard...

6.1CVSS5.8AI score0.00867EPSS
Exploits1References2
CNNVD
CNNVD
added 2021/06/11 12:0 a.m.5 views

Advantech WebAccess 跨站脚本漏洞

Advantech WebAccess is a set of HMI/SCADA software based on browser architecture from Advantech, Taiwan, China. The software supports dynamic graphic display and real-time data control, and provides remote control and management of automation equipment. A security vulnerability exists in Advantec...

6.1CVSS5.7AI score0.00867EPSS
Exploits1References3
Rows per page
Query Builder