CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Advantech EKI-1524, EKI-1522, EKI-1521 devices through 1.21 are affected by a Stored Cross-Site Scripting vulnerability, which can be triggered by authenticated users in the ping tool of the web-interface...

9CVSS5.9AI score0.00868EPSS

Exploits2References5

RedhatCVE•added 2025/02/05 6:51 a.m.•3 views

CVE-2024-50361

A CWE-78 "Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection'" was discovered affecting the following devices manufactured by Advantech: EKI-6333AC-2G = 1.6.3, EKI-6333AC-2GD = v1.6.3 and EKI-6333AC-1GPO = v1.2.1. The source of the vulnerability relies on...

7.2CVSS7.1AI score0.00666EPSS

Exploits0References1

RedhatCVE•added 2025/02/05 6:46 a.m.•2 views

CVE-2024-50372

9.8CVSS8AI score0.01285EPSS

Exploits0References1

BDU FSTEC•added 2024/12/16 12:0 a.m.•5 views

The vulnerability of the “sta_log_htm” application programming interface in the microprogramming-based wireless access points of Advantech EKI-6333AC-2G, EKI-6333AC-2GD, and EKI-6333AC-1GPO allows a perpetrator to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the “staloghtm” application programming interface in the microprogramming-based wireless access points of Advantech EKI-6333AC-2G, EKI-6333AC-2GD, and EKI-6333AC-1GPO models exists due to the lack of measures taken to neutralize the special elements used in the operating syst...

9CVSS5.5AI score0.01042EPSS

Exploits0References3Affected Software3

BDU FSTEC•added 2024/12/16 12:0 a.m.•3 views

The vulnerability of the application software interface “applications_apply” of the microprogrammable multifunctional wireless access points Advantech EKI-6333AC-2G, EKI-6333AC-2GD, and EKI-6333AC-1GPO allows a perpetrator to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the “applicationsapply” application programming interface of the microprogramming devices used in multifunctional wireless access points of Advantech models EKI-6333AC-2G, EKI-6333AC-2GD, and EKI-6333AC-1GPO exists due to the lack of measures taken to neutralize the special...

9CVSS5.5AI score0.01042EPSS

Exploits0References3Affected Software3

BDU FSTEC•added 2024/12/16 12:0 a.m.•1 views

The vulnerability of the application software interface “certificate_file_remove” of the multifunctional wireless access points manufactured by Advantech, models EKI-6333AC-2G, EKI-6333AC-2GD, and EKI-6333AC-1GPO, allows a perpetrator to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the application software interface “certificatefileremove” of the multifunctional wireless access points of the Advantech EKI-6333AC-2G, EKI-6333AC-2GD, and EKI-6333AC-1GPO models exists due to the lack of measures taken to neutralize the special elements used in the operatin...

9CVSS5.5AI score0.00666EPSS

Exploits0References3Affected Software3

BDU FSTEC•added 2024/12/16 12:0 a.m.•3 views

The vulnerability of the “export_log” application interface in the microprogramming system of multifunctional wireless access points of Advantech models EKI-6333AC-2G, EKI-6333AC-2GD, and EKI-6333AC-1GPO allows a perpetrator to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the “exportlog” application interface in the microprogramming devices of the multifunctional wireless access points Advantech EKI-6333AC-2G, EKI-6333AC-2GD, and EKI-6333AC-1GPO exists due to the failure to take measures to neutralize the special elements used in the operating...

9CVSS5.5AI score0.01042EPSS

Exploits0References3Affected Software3

BDU FSTEC•added 2024/12/16 12:0 a.m.•3 views

The vulnerability of the “edgserver” service in the microprogramming software for multifunctional wireless access points of Advantech models EKI-6333AC-2G, EKI-6333AC-2GD, and EKI-6333AC-1GPO allows a hacker to execute arbitrary commands with root privileges.

The vulnerability of the “edgserver” service in the microprogramming-based wireless access points of Advantech EKI-6333AC-2G, EKI-6333AC-2GD, and EKI-6333AC-1GPO models exists due to the failure to take measures to neutralize the special elements used in the operating system commands. Exploiting...

10CVSS5.8AI score0.01285EPSS

Exploits0References3Affected Software3

BDU FSTEC•added 2024/12/16 12:0 a.m.•3 views

The vulnerability of the “mp_apply” application programming interface of the microprogramming devices for multifunctional wireless access points Advantech EKI-6333AC-2G, EKI-6333AC-2GD, and EKI-6333AC-1GPO allows a perpetrator to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the “mpapply” application programming interface of the microprogramming-based wireless access points of Advantech models EKI-6333AC-2G, EKI-6333AC-2GD, and EKI-6333AC-1GPO exists due to the lack of measures taken to neutralize the special elements used in the operating system...

9CVSS5.5AI score0.01042EPSS

Exploits0References3Affected Software3

BDU FSTEC•added 2024/11/29 12:0 a.m.•6 views

The vulnerabilities of the microprogrammed software of the multifunctional wireless access points Advantech EKI-6333AC-2G, EKI-6333AC-2GD, and EKI-6333AC-1GPO allow attackers to execute arbitrary commands.

The vulnerability of the microprogrammed software in multifunctional wireless access points Advantech EKI-6333AC-2G, EKI-6333AC-2GD, and EKI-6333AC-1GPO lies in the lack of measures to neutralize special elements. Exploiting this vulnerability allows a remote attacker to execute arbitrary command...

7.8CVSS8.3AI score0.00453EPSS

Exploits0References2Affected Software3