CVE-2023-5642 Advantech R-SeeNet Unauthenticated Read/Write

Advantech R-SeeNet v2.4.23 allows an unauthenticated remote attacker to read from and write to the snmpmon.ini file, which contains sensitive information...

CVE-2023-5642

Advantech R-SeeNet v2.4.23 is affected by CVE-2023-5642. An unauthenticated remote attacker can read from and write to the snmpmon.ini file, which contains sensitive information, enabling information disclosure and potential further compromise. CVSS v3.1 metrics from NVD/Vuln reports indicate CRI...

Advantech R-SeeNet 安全漏洞

Advantech R-SeeNet is an industrial monitoring software from Advantech, China. An information disclosure vulnerability exists in Advantech R-SeeNet, which can be exploited by an attacker to obtain login credentials and the default SNMP group string from the snmpmon.ini file and use this informati...

Advantech R-SeeNet Use Of Hard-Coded Credentials Authentication Bypass Vulnerability

This vulnerability allows remote attackers to bypass authentication on affected installations of Advantech R-SeeNet. Authentication is not required to exploit this vulnerability. The specific flaw exists within the configuration of the database. The issue results from the existence of an addition...

Advantech R-SeeNet device_status Local File Inclusion Privilege Escalation Vulnerability

This vulnerability allows remote attackers to escalate privileges on affected installations of Advantech R-SeeNet. Authentication is required to exploit this vulnerability. The specific flaw exists within the devicestatus page. The issue results from the lack of proper validation of user-supplied...

The vulnerability of the monitoring software for the status and functions of Advantech R-SeeNet routers allows a intruder to gain unauthorized access to local files.

The vulnerability of the monitoring software for the functions and status of Advantech R-SeeNet routers is related to improper external manipulation of the file name or file path. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to local...

Advantech R-SeeNet Trust Management Issue Vulnerability

Advantech R-SeeNet is an industrial monitoring software from Advantech, China. A security vulnerability exists in Advantech R-SeeNet, which can be exploited by an authenticated, remote attacker to submit a special request for unauthorized access to the system...

The vulnerability of the monitoring software for the status and functions of Advantech R-SeeNet routers lies in the possibility of using strictly encrypted login data, which allows a hacker to gain increased privileges.

The vulnerability of the monitoring software for the status and functions of Advantech R-SeeNet routers lies in the possibility of using strictly encrypted login data. Exploiting this vulnerability could allow a malicious actor to gain increased privileges...

CVE-2023-3256

Advantech R-SeeNet versions 2.4.22 allows low-level users to access and load the content of local files...

CVE-2023-2611

Advantech R-SeeNet versions 2.4.22 is installed with a hidden root-level user that is not available in the users list. This hidden user has a password that cannot be changed by users...

CVE-2023-2611

Advantech R-SeeNet versions 2.4.22 is installed with a hidden root-level user that is not available in the users list. This hidden user has a password that cannot be changed by users...

CVE-2023-3256

Advantech R-SeeNet versions 2.4.22 allows low-level users to access and load the content of local files...

Code injection

Advantech R-SeeNet versions 2.4.22 allows low-level users to access and load the content of local files...

Default credentials

Advantech R-SeeNet versions 2.4.22 is installed with a hidden root-level user that is not available in the users list. This hidden user has a password that cannot be changed by users...

CVE-2023-2611 Advantech R-SeeNet Use of Hard-coded Credentials

Advantech R-SeeNet versions 2.4.22 is installed with a hidden root-level user that is not available in the users list. This hidden user has a password that cannot be changed by users...

CVE-2023-2611

CVE-2023-2611 affects Advantech R-SeeNet version 2.4.22 and earlier, describing a hidden root-level user with an unchangeable password (hard-coded credentials) that authenticates remotely. Several connected sources confirm the root cause: a hidden user not exposed in the standard user list with a...

CVE-2023-2611 Advantech R-SeeNet Use of Hard-coded Credentials

Advantech R-SeeNet versions 2.4.22 is installed with a hidden root-level user that is not available in the users list. This hidden user has a password that cannot be changed by users...

CVE-2023-3256 Advantech R-SeeNet External Control of File Name or Path

Advantech R-SeeNet versions 2.4.22 allows low-level users to access and load the content of local files...

CVE-2023-3256 Advantech R-SeeNet External Control of File Name or Path

Advantech R-SeeNet versions 2.4.22 allows low-level users to access and load the content of local files...

CVE-2023-3256

Summary: CVE-2023-3256 affects Advantech R-SeeNet (version 2.4.22 and earlier). The issue is described as external control of a file name or path, enabling a low-privilege user to access and load local files. The root cause is insufficient validation of user-supplied data before it is used in a P...