259 matches found
CVE-2023-5642 Advantech R-SeeNet Unauthenticated Read/Write
Advantech R-SeeNet v2.4.23 allows an unauthenticated remote attacker to read from and write to the snmpmon.ini file, which contains sensitive information...
CVE-2023-5642
Advantech R-SeeNet v2.4.23 is affected by CVE-2023-5642. An unauthenticated remote attacker can read from and write to the snmpmon.ini file, which contains sensitive information, enabling information disclosure and potential further compromise. CVSS v3.1 metrics from NVD/Vuln reports indicate CRI...
Advantech R-SeeNet 安全漏洞
Advantech R-SeeNet is an industrial monitoring software from Advantech, China. An information disclosure vulnerability exists in Advantech R-SeeNet, which can be exploited by an attacker to obtain login credentials and the default SNMP group string from the snmpmon.ini file and use this informati...
Advantech R-SeeNet device_status Local File Inclusion Privilege Escalation Vulnerability
This vulnerability allows remote attackers to escalate privileges on affected installations of Advantech R-SeeNet. Authentication is required to exploit this vulnerability. The specific flaw exists within the devicestatus page. The issue results from the lack of proper validation of user-supplied...
Advantech R-SeeNet Use Of Hard-Coded Credentials Authentication Bypass Vulnerability
This vulnerability allows remote attackers to bypass authentication on affected installations of Advantech R-SeeNet. Authentication is not required to exploit this vulnerability. The specific flaw exists within the configuration of the database. The issue results from the existence of an addition...
The vulnerability of the monitoring software for the status and functions of Advantech R-SeeNet routers allows a intruder to gain unauthorized access to local files.
The vulnerability of the monitoring software for the functions and status of Advantech R-SeeNet routers is related to improper external manipulation of the file name or file path. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to local...
Advantech R-SeeNet Trust Management Issue Vulnerability
Advantech R-SeeNet is an industrial monitoring software from Advantech, China. A security vulnerability exists in Advantech R-SeeNet, which can be exploited by an authenticated, remote attacker to submit a special request for unauthorized access to the system...
The vulnerability of the monitoring software for the status and functions of Advantech R-SeeNet routers lies in the possibility of using strictly encrypted login data, which allows a hacker to gain increased privileges.
The vulnerability of the monitoring software for the status and functions of Advantech R-SeeNet routers lies in the possibility of using strictly encrypted login data. Exploiting this vulnerability could allow a malicious actor to gain increased privileges...
CVE-2023-3256
Advantech R-SeeNet versions 2.4.22 allows low-level users to access and load the content of local files...
CVE-2023-3256
Advantech R-SeeNet versions 2.4.22 allows low-level users to access and load the content of local files...
CVE-2023-2611
Advantech R-SeeNet versions 2.4.22 is installed with a hidden root-level user that is not available in the users list. This hidden user has a password that cannot be changed by users...
Code injection
Advantech R-SeeNet versions 2.4.22 allows low-level users to access and load the content of local files...
Default credentials
Advantech R-SeeNet versions 2.4.22 is installed with a hidden root-level user that is not available in the users list. This hidden user has a password that cannot be changed by users...
CVE-2023-2611 Advantech R-SeeNet Use of Hard-coded Credentials
Advantech R-SeeNet versions 2.4.22 is installed with a hidden root-level user that is not available in the users list. This hidden user has a password that cannot be changed by users...
CVE-2023-2611 Advantech R-SeeNet Use of Hard-coded Credentials
Advantech R-SeeNet versions 2.4.22 is installed with a hidden root-level user that is not available in the users list. This hidden user has a password that cannot be changed by users...
CVE-2023-2611
CVE-2023-2611 affects Advantech R-SeeNet version 2.4.22 and earlier, describing a hidden root-level user with an unchangeable password (hard-coded credentials) that authenticates remotely. Several connected sources confirm the root cause: a hidden user not exposed in the standard user list with a...
CVE-2023-3256 Advantech R-SeeNet External Control of File Name or Path
Advantech R-SeeNet versions 2.4.22 allows low-level users to access and load the content of local files...
CVE-2023-3256 Advantech R-SeeNet External Control of File Name or Path
Advantech R-SeeNet versions 2.4.22 allows low-level users to access and load the content of local files...
CVE-2023-3256
Summary: CVE-2023-3256 affects Advantech R-SeeNet (version 2.4.22 and earlier). The issue is described as external control of a file name or path, enabling a low-privilege user to access and load local files. The root cause is insufficient validation of user-supplied data before it is used in a P...
CISA Releases Four Industrial Control Systems Advisories
CISA released four Industrial Control Systems ICS advisories on June 22, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-173-02 Advantech R-SeeNet ICSA-23-173-03 SpiderControl SCADAWebServer ICSA-23-026-02...