22 matches found
Advantech ADAM-5550 Weak Encoding For Password (CVE-2024-37187)
Advantech ADAM-5550 share user credentials with a low level of encryption, consisting of base 64 encoding. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description...
Advantech ADAM-5550 Weak Encoding For Password (CVE-2024-37187)
Advantech ADAM 5550's web application includes a 'logs' page where all the HTTP requests received are displayed to the user. The device doesn't correctly neutralize malicious code when parsing HTTP requests to generate page output This plugin only works with Tenable.ot. Please visit...
EUVD-2024-37259
Malicious code in bioql PyPI...
EUVD-2024-36489
Malicious code in bioql PyPI...
CVE-2024-37187
Advantech ADAM-5550 share user credentials with a low level of encryption, consisting of base 64 encoding...
The vulnerability of the microprogrammed logic controller Advantech ADAM 5550, related to the lack of protective measures for the website structure, allows attackers to carry out cross-site scripting attacks.
The vulnerability of the microprogrammed logic controller Advantech ADAM 5550 lies in the lack of measures taken to protect the website structure. Exploiting this vulnerability could allow a malicious actor to perform cross-site scripting attacks remotely...
The vulnerability of the microprogrammed logic controller Advantech ADAM-5550, related to the use of weak encryption algorithms, allows a hacker to expose user account information.
The vulnerability of the microprogrammed logic controller Advantech ADAM-5550 lies in the use of weak encryption algorithms. Exploiting this vulnerability could allow an intruder to access user credentials...
CVE-2024-38308
Advantech ADAM 5550's web application includes a "logs" page where all the HTTP requests received are displayed to the user. The device doesn't correctly neutralize malicious code when parsing HTTP requests to generate page output...
Advantech ADAM-5550 Information Disclosure Vulnerability
Advantech ADAM-5550 is a programmable automation controller from Advantech, China. The Advantech ADAM-5550 suffers from an information disclosure vulnerability due to a flaw in base64 encoding for sharing user credentials. An attacker can exploit this vulnerability to obtain credential informatio...
CVE-2024-37187
Advantech ADAM-5550 share user credentials with a low level of encryption, consisting of base 64 encoding...
CVE-2024-38308
Advantech ADAM 5550's web application includes a "logs" page where all the HTTP requests received are displayed to the user. The device doesn't correctly neutralize malicious code when parsing HTTP requests to generate page output...
CVE-2024-38308 Advantech ADAM-5550 Cross-site Scripting
Advantech ADAM 5550's web application includes a "logs" page where all the HTTP requests received are displayed to the user. The device doesn't correctly neutralize malicious code when parsing HTTP requests to generate page output...
CVE-2024-38308 Advantech ADAM-5550 Cross-site Scripting
Advantech ADAM 5550's web application includes a "logs" page where all the HTTP requests received are displayed to the user. The device doesn't correctly neutralize malicious code when parsing HTTP requests to generate page output...
CVE-2024-38308
CVE-2024-38308 affects Advantech ADAM-5550. The vulnerability is a Cross-Site Scripting issue on the device’s web application “logs” page where HTTP requests are displayed without proper neutralization of malicious code, enabling potential web content injection. Connected sources confirm affected...
CVE-2024-37187
CVE-2024-37187 affects Advantech ADAM-5550. Vulnerability: weak encoding for passwords via base64, exposing credentials. Affected: ADAM-5550 (all versions). Impact: potential credential disclosure; confidentiality at high risk. Mitigation: upgrade to ADAM-5630 firmware v2.5.2+ per ICS advisory. N...
CVE-2024-37187 Advantech ADAM-5550 Weak Encoding for Password
Advantech ADAM-5550 share user credentials with a low level of encryption, consisting of base 64 encoding...
CVE-2024-37187 Advantech ADAM-5550 Weak Encoding for Password
Advantech ADAM-5550 share user credentials with a low level of encryption, consisting of base 64 encoding...
Advantech ADAM-5550 跨站脚本漏洞
Advantech ADAM-5550 is a programmable automation controller from Advantech, China. The Advantech ADAM-5550 suffers from a cross-site scripting vulnerability that stems from the device failing to properly eliminate malicious code when parsing HTTP requests to generate page output. An attacker can...
Advantech ADAM-5550 安全漏洞
Advantech ADAM-5550 is a programmable automation controller from Advantech, China. The Advantech ADAM-5550 suffers from an information disclosure vulnerability due to a flaw in base64 encoding for sharing user credentials. An attacker can exploit this vulnerability to obtain credential informatio...
Advantech ADAM-5550
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION : Low attack complexity Vendor : Advantech Equipment : ADAM-5550 Vulnerabilities : Weak Encoding for Password, Cross-site Scripting 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow a remote attacker to intercept...