8 matches found
Advantech WebAccess/VPN AppManagementController.appUpgradeAction function SQL injection vulnerability
Advantech WebAccess/VPN is a virtual private network feature integrated in Advantech WebAccess/SCADA software, designed to provide a secure and reliable network connectivity solution for industrial automation and remote monitoring systems. Advantech WebAccess/VPN suffers from a SQL injection...
CVE-2025-34240
Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injection vulnerability in AppManagementController.appUpgradeAction that allows an authenticated low-privileged observer user to inject SQL via datatable search parameters, leading to disclosure of database information...
CVE-2025-34240 Advantech WebAccess/VPN < 1.1.5 SQL Injection via AppManagementController.appUpgradeAction()
Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injection vulnerability in AppManagementController.appUpgradeAction that allows an authenticated low-privileged observer user to inject SQL via datatable search parameters, leading to disclosure of database information...
CVE-2025-34239 Advantech WebAccess/VPN < 1.1.5 Command Injection in AppManagementController.appUpgradeAction()
Advantech WebAccess/VPN versions prior to 1.1.5 contain a command injection vulnerability in AppManagementController.appUpgradeAction that allows an authenticated system administrator to execute arbitrary commands as the web server user www-data by supplying a crafted uploaded filename...
CVE-2025-34239 Advantech WebAccess/VPN < 1.1.5 Command Injection in AppManagementController.appUpgradeAction()
Advantech WebAccess/VPN versions prior to 1.1.5 contain a command injection vulnerability in AppManagementController.appUpgradeAction that allows an authenticated system administrator to execute arbitrary commands as the web server user www-data by supplying a crafted uploaded filename...
Advantech WebAccess/VPN 安全漏洞
Advantech WebAccess/VPN is a virtual private network feature integrated in Advantech WebAccess/SCADA software, designed to provide a secure and reliable network connectivity solution for industrial automation and remote monitoring systems. Advantech WebAccess/VPN suffers from a SQL injection...
Advantech WebAccess/VPN 安全漏洞
Advantech WebAccess/VPN is a virtual private network feature integrated in Advantech WebAccess/SCADA software, designed to provide a secure and reliable network connectivity solution for industrial automation and remote monitoring systems. Advantech WebAccess/VPN suffers from a command injection...
PT-2025-45357
Name of the Vulnerable Software and Affected Versions Advantech WebAccess/VPN versions prior to 1.1.5 Description The software contains a SQL injection issue in the AppManagementController.appUpgradeAction function. An authenticated, low-privileged user can inject SQL code through datatable searc...