9 matches found
The vulnerability of the microprogrammed software of Advantech EKI-1524, EKI-1522, and EKI-1521 allows a perpetrator to execute arbitrary codes.
The vulnerability of microprogrammed software in Advantech EKI-1524, EKI-1522, and EKI-1521 industrial switches lies in the ability to write code outside the buffer memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by sending specially crafted POST requests...
The vulnerability of the microprogramming software of Advantech EKI-1524, EKI-1522, and EKI-1521 allows a perpetrator to execute arbitrary commands.
The vulnerability of microprogrammed software in the serial interface servers of Advantech EKI-1524, EKI-1522, and EKI-1521 exists due to the lack of measures taken to neutralize special elements used in the operating system commands. Exploiting this vulnerability allows a malicious actor to...
CVE-2023-4203
Advantech EKI-1524, EKI-1522, EKI-1521 devices through 1.21 are affected by a Stored Cross-Site Scripting vulnerability, which can be triggered by authenticated users in the ping tool of the web-interface...
CVE-2023-4203 Stored Cross-Site Scripting
Advantech EKI-1524, EKI-1522, EKI-1521 devices through 1.21 are affected by a Stored Cross-Site Scripting vulnerability, which can be triggered by authenticated users in the ping tool of the web-interface...
CVE-2023-4203 Stored Cross-Site Scripting
Advantech EKI-1524, EKI-1522, EKI-1521 devices through 1.21 are affected by a Stored Cross-Site Scripting vulnerability, which can be triggered by authenticated users in the ping tool of the web-interface...
PT-2023-5481 · Advantech · Eki-1522 +2
Name of the Vulnerable Software and Affected Versions: Advantech EKI-1524, EKI-1522, EKI-1521 devices through 1.21 Description: The issue is related to a Stored Cross-Site Scripting vulnerability. This vulnerability can be triggered by authenticated users in the device name field of the...
CVE-2023-2574
Advantech EKI-1524, EKI-1522, EKI-1521 devices through 1.21 are affected by an command injection vulnerability in the device name input field, which can be triggered by authenticated users via a crafted POST request...
Advantech 命令注入漏洞
Advantech, a China-based Advantech application, provides intelligent electric bus management systems. A security vulnerability exists in Advantech EKI-1524, EKI-1522, EKI-1521 version 1.21 and prior versions, which stems from the discovery of a command injection vulnerability included...
Advantech EKI-1524 suffers from a denial of service vulnerability
The EKI-1524 is a serial device networking server. A denial of service vulnerability exists in the Advantech EKI-1524, which can be exploited by an attacker to cause a device to automatically reboot...