Lucene search
K

3729 matches found

Positive Technologies
Positive Technologies
added 2026/02/18 12:0 a.m.8 views

PT-2026-20509

Name of the Vulnerable Software and Affected Versions Advantech WISE-6610 version 1.2.1 20251110 Description A flaw exists in Advantech WISE-6610 that allows remote execution of operating system commands. This is due to improper handling of the delete file argument within an unknown function of t...

8.6CVSS7.2AI score0.17217EPSS
Exploits2References8
Packet Storm
Packet Storm
added 2026/01/30 12:0 a.m.147 views

📄 Advantech IoTSuite / IoT Edge SQL Injection

A critical unauthenticated SQL injection vulnerability was identified in Advantech WISE-IoTSuite / SaaS Composer. The issue resides in the /displays/filename.json endpoint, where the filename parameter is improperly sanitized before being concatenated into a backend PostgreSQL query. An attacker...

6.5AI score
Exploits0
GithubExploit
GithubExploit
added 2026/01/12 10:1 a.m.247 views

Exploit for CVE-2025-52694

CVE-2025-52694: Advantech SaaS Composer SQL Injection This re...

10CVSS8.8AI score0.37867EPSS
Exploits1
CNNVD
CNNVD
added 2026/01/12 12:0 a.m.5 views

Advantech多款产品 安全漏洞

Advantech, a China-based Advantech company, provides intelligent electric bus management systems as one of its applications. A security vulnerability exists in Advantech that originates from an unauthenticated, remote attacker who can execute arbitrary SQL commands, potentially resulting in a SQL...

10CVSS6.1AI score0.37867EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/01/12 12:0 a.m.9 views

PT-2026-1814

Name of the Vulnerable Software and Affected Versions Advantech IoTSuite & IoT Edge products affected versions not specified Description Successful exploitation of a SQL injection issue could allow an unauthenticated remote attacker to execute arbitrary SQL commands on the vulnerable service when...

10CVSS8.1AI score0.37867EPSS
Exploits1References15
RedhatCVE
RedhatCVE
added 2026/01/09 11:20 a.m.7 views

CVE-2021-22652

Access to the Advantech iView versions prior to v5.7.03.6112 configuration are missing authentication, which may allow an unauthorized attacker to change the configuration and obtain code execution...

9.8CVSS6.9AI score0.36845EPSS
Exploits4References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:20 a.m.5 views

CVE-2021-22656

Advantech iView versions prior to v5.7.03.6112 are vulnerable to directory traversal, which may allow an attacker to read sensitive files...

7.5CVSS6.5AI score0.03124EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:19 a.m.7 views

CVE-2021-22658

Advantech iView versions prior to v5.7.03.6112 are vulnerable to a SQL injection, which may allow an attacker to escalate privileges to 'Administrator'...

9.8CVSS7.5AI score0.12719EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:19 a.m.6 views

CVE-2019-18257

In Advantech DiagAnywhere Server, Versions 3.07.11 and prior, multiple stack-based buffer overflow vulnerabilities exist in the file transfer service listening on the TCP port. Successful exploitation could allow an unauthenticated attacker to execute arbitrary code with the privileges of the use...

9.8CVSS8.4AI score0.02768EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:19 a.m.7 views

CVE-2019-18233

In Advantech Spectre RT Industrial Routers ERT351 5.1.3 and prior, the affected product does not neutralize special characters in the error response, allowing attackers to use a reflected XSS attack...

6.1CVSS6AI score0.00739EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:17 a.m.6 views

CVE-2019-18229

Advantech WISE-PaaS/RMM, Versions 3.3.29 and prior. Lack of sanitization of user-supplied input cause SQL injection vulnerabilities. An attacker can leverage these vulnerabilities to disclose information...

6.5CVSS7.9AI score0.024EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:57 a.m.7 views

CVE-2020-12022

Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. An improper validation vulnerability exists that could allow an attacker to inject specially crafted input into memory where it can be executed...

9.8CVSS6.8AI score0.01672EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:57 a.m.11 views

CVE-2020-12006

Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Multiple relative path traversal vulnerabilities exist that may allow a low privilege user to overwrite files outside the application’s control...

9.8CVSS7AI score0.03692EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:56 a.m.11 views

CVE-2020-12002

Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Multiple stack-based buffer overflow vulnerabilities exist caused by a lack of proper validation of the length of user-supplied data, which may allow remote code execution...

9.8CVSS8AI score0.09076EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:55 a.m.9 views

CVE-2020-12014

Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Input is not properly sanitized and may allow an attacker to inject SQL commands...

7.5CVSS7.4AI score0.01529EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:52 a.m.7 views

CVE-2020-10638

Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Multiple heap-based buffer overflow vulnerabilities exist caused by a lack of proper validation of the length of user-supplied data, which may allow remote code execution...

9.8CVSS8AI score0.07059EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:51 a.m.14 views

CVE-2020-10607

In Advantech WebAccess, Versions 8.4.2 and prior. A stack-based buffer overflow vulnerability caused by a lack of proper validation of the length of user-supplied data may allow remote code execution...

8.8CVSS8AI score0.02123EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:5 a.m.6 views

CVE-2024-34542

Advantech ADAM-5630 shares user credentials plain text between the device and the user source device during the login process...

6.9CVSS7AI score0.00215EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:33 a.m.9 views

CVE-2024-39364

Advantech ADAM-5630 has built-in commands that can be executed without authenticating the user. These commands allow for restarting the operating system, rebooting the hardware, and stopping the execution. The commands can be sent to a simple HTTP request and are executed by the device...

7CVSS7.3AI score0.00215EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:32 a.m.4 views

CVE-2019-16901

Advantech WebAccess/HMI Designer 2.1.9.31 has Exception Handler Chain corruption starting at Unknown Symbol @ 0x0000000000000000 called from ntdll!RtlRaiseStatus+0x00000000000000b4...

7.5CVSS7.2AI score0.01323EPSS
Exploits0References1
Rows per page
Query Builder