Advantech WebAccess/VPN AjaxNetworkController.ajaxAction Function SQL Injection Vulnerability

Advantech WebAccess/VPN is a virtual private network feature integrated in Advantech WebAccess/SCADA software, designed to provide a secure and reliable network connectivity solution for industrial automation and remote monitoring systems. Advantech WebAccess/VPN suffers from a SQL injection...

PT-2025-45359

Name of the Vulnerable Software and Affected Versions Advantech WebAccess/VPN versions prior to 1.1.5 Description The software contains a SQL injection issue in the AjaxNetworkController.ajaxAction function. An authenticated, low-privileged user can inject SQL code through datatable search...