Lucene search
K

78 matches found

CVE
CVE
added 2024/11/26 10:55 a.m.78 views

CVE-2024-50367

The CVE-2024-50367 affects Advantech EKI-6333AC-2G (<=1.6.3), EKI-6333AC-2GD (<=1.6.3), and EKI-6333AC-1GPO (

7.2CVSS7.3AI score0.01042EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/11/26 10:55 a.m.20 views

CVE-2024-50367

A CWE-78 "Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection'" was discovered affecting the following devices manufactured by Advantech: EKI-6333AC-2G = 1.6.3, EKI-6333AC-2GD = v1.6.3 and EKI-6333AC-1GPO = v1.2.1. The source of the vulnerability relies on...

7.2CVSS0.01042EPSS
Exploits0References1
CVE
CVE
added 2024/11/26 10:54 a.m.74 views

CVE-2024-50365

The CVE-2024-50365 affects Advantech EKI-6333AC series devices: EKI-6333AC-2G and EKI-6333AC-2GD (versions up to 1.6.3) and EKI-6333AC-1GPO (up to 1.2.1). The root cause is improper neutralization of input in the lan_apply API, where multiple parameters are not sanitized before being concatenated...

7.2CVSS7.3AI score0.01042EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/11/26 10:54 a.m.18 views

CVE-2024-50365

A CWE-78 "Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection'" was discovered affecting the following devices manufactured by Advantech: EKI-6333AC-2G = 1.6.3, EKI-6333AC-2GD = v1.6.3 and EKI-6333AC-1GPO = v1.2.1. The source of the vulnerability relies on...

7.2CVSS0.01042EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/11/26 10:54 a.m.14 views

CVE-2024-50363

A CWE-78 "Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection'" was discovered affecting the following devices manufactured by Advantech: EKI-6333AC-2G = 1.6.3, EKI-6333AC-2GD = v1.6.3 and EKI-6333AC-1GPO = v1.2.1. The source of the vulnerability relies on...

7.2CVSS7AI score0.01042EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/11/26 10:54 a.m.10 views

CVE-2024-50362

A CWE-78 "Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection'" was discovered affecting the following devices manufactured by Advantech: EKI-6333AC-2G = 1.6.3, EKI-6333AC-2GD = v1.6.3 and EKI-6333AC-1GPO = v1.2.1. The source of the vulnerability relies on...

7.2CVSS7AI score0.01042EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/11/26 10:54 a.m.22 views

CVE-2024-50362

A CWE-78 "Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection'" was discovered affecting the following devices manufactured by Advantech: EKI-6333AC-2G = 1.6.3, EKI-6333AC-2GD = v1.6.3 and EKI-6333AC-1GPO = v1.2.1. The source of the vulnerability relies on...

7.2CVSS0.01042EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/11/26 10:53 a.m.11 views

CVE-2024-50361

A CWE-78 "Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection'" was discovered affecting the following devices manufactured by Advantech: EKI-6333AC-2G = 1.6.3, EKI-6333AC-2GD = v1.6.3 and EKI-6333AC-1GPO = v1.2.1. The source of the vulnerability relies on...

7.2CVSS7AI score0.00666EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/11/26 10:53 a.m.10 views

CVE-2024-50360

A CWE-78 "Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection'" was discovered affecting the following devices manufactured by Advantech: EKI-6333AC-2G = 1.6.3, EKI-6333AC-2GD = v1.6.3 and EKI-6333AC-1GPO = v1.2.1. The source of the vulnerability relies on...

7.2CVSS7AI score0.01042EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/11/26 10:51 a.m.13 views

CVE-2024-50358

A CWE-15 "External Control of System or Configuration Setting" was discovered affecting the following devices manufactured by Advantech: EKI-6333AC-2G = 1.6.3, EKI-6333AC-2GD = v1.6.3 and EKI-6333AC-1GPO = v1.2.1. The vulnerability can be exploited by authenticated users by restoring a tampered...

7.2CVSS0.00522EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/11/26 12:0 a.m.4 views

PT-2024-9488 · Advantech · Eki-6333Ac-2G +1

Name of the Vulnerable Software and Affected Versions: Advantech EKI-6333AC-2G versions 1.6.3 and earlier Advantech EKI-6333AC-2GD versions 1.6.3 and earlier Advantech EKI-6333AC-1GPO versions 1.2.1 and earlier Description: A security issue was discovered in the "export log" API of Advantech's...

9CVSS7.1AI score0.01042EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2024/11/26 12:0 a.m.5 views

PT-2024-9484 · Advantech · Eki-6333Ac-2G +1

Name of the Vulnerable Software and Affected Versions: Advantech EKI-6333AC-2G versions 1.6.3 and earlier Advantech EKI-6333AC-2GD versions 1.6.3 and earlier Advantech EKI-6333AC-1GPO versions 1.2.1 and earlier Description: A security issue was discovered in the "lan apply" API of Advantech's...

9CVSS7.1AI score0.01042EPSS
Exploits0References5
CNNVD
CNNVD
added 2023/08/08 12:0 a.m.5 views

Advantech Cross-Site Scripting Vulnerability

Advantech, an application of Advantech Corporation of China, provides intelligent electric bus management systems. A security vulnerability exists in Advantech EKI-1524, EKI-1522, EKI-1521 1.21 and earlier versions, which stems from the presence of a stored cross-site scripting vulnerability...

9CVSS6AI score0.00868EPSS
Exploits2References6
NVD
NVD
added 2023/05/08 1:15 p.m.16 views

CVE-2023-2575

Advantech EKI-1524, EKI-1522, EKI-1521 devices through 1.21 are affected by a Stack-based Buffer Overflow vulnerability, which can be triggered by authenticated users via a crafted POST request...

8.8CVSS8.7AI score0.15499EPSS
Exploits2References6
Prion
Prion
added 2023/05/08 1:15 p.m.18 views

Stack overflow

Advantech EKI-1524, EKI-1522, EKI-1521 devices through 1.21 are affected by a Stack-based Buffer Overflow vulnerability, which can be triggered by authenticated users via a crafted POST request...

6.5CVSS8.5AI score0.15499EPSS
Exploits2References6Affected Software3
Vulnrichment
Vulnrichment
added 2023/05/08 12:33 p.m.11 views

CVE-2023-2573 Authenticated Command Injection

Advantech EKI-1524, EKI-1522, EKI-1521 devices through 1.21 are affected by an command injection vulnerability in the NTP server input field, which can be triggered by authenticated users via a crafted POST request...

8.8CVSS8.7AI score0.04751EPSS
Exploits3References6
Positive Technologies
Positive Technologies
added 2023/05/08 12:0 a.m.5 views

PT-2023-7944 · Advantech · Eki-1522 +2

Name of the Vulnerable Software and Affected Versions: Advantech EKI-1524, EKI-1522, EKI-1521 devices through 1.21 Description: The issue is related to a Stack-based Buffer Overflow vulnerability, which can be triggered by authenticated users via a crafted POST request. This vulnerability may all...

9CVSS8.6AI score0.15499EPSS
Exploits2References10
ATTACKERKB
ATTACKERKB
added 2016/01/09 2:59 a.m.2 views

CVE-2015-7938

Advantech EKI-132x devices with firmware before 2015-12-31 allow remote attackers to bypass authentication via unspecified vectors...

10CVSS5.6AI score0.03764EPSS
Exploits0References2
Rows per page
Query Builder