Lucene search
+L

199 matches found

CNVD
CNVD
added 2021/01/20 12:0 a.m.3 views

File Uploading Vulnerability in Eki Technologies ERP System

Ltd. is a software company focusing on enterprise management, specializing in providing professional information management consulting, software development and online mall development and other information services. A file upload vulnerability exists in the ERP system of EqiTech, which can be...

7AI score
Exploits0
CNVD
CNVD
added 2021/01/17 12:0 a.m.3 views

Advantech EKI-1524 suffers from a denial of service vulnerability

The EKI-1524 is a serial device networking server. A denial of service vulnerability exists in the Advantech EKI-1524, which can be exploited by an attacker to cause a device to automatically reboot...

6.9AI score
Exploits0
CNVD
CNVD
added 2020/08/20 12:0 a.m.3 views

Command Execution Vulnerability in EKI-1521 at Advantech (China) Co.

The EKI-1521 is a serial device networking server that supports RS-232/422/485. A command execution vulnerability exists in the Advantech China EKI-1521, which can be exploited by an attacker to remotely execute system commands...

7.3AI score
Exploits0
CNVD
CNVD
added 2020/08/19 12:0 a.m.1 views

Denial of Service Vulnerability in EKI-1511X-AE/ADAM-4571-CE at Advantech (China) Co.

Advantech China Co., Ltd. is a global manufacturer in the intelligent system industry. A denial of service vulnerability exists in Advantech China Co. EKI-1511X-AE/ADAM-4571-CE, which can be exploited by attackers to cause a program crash...

6.7AI score
Exploits0
Openbugbounty
Openbugbounty
added 2016/07/26 2:55 p.m.27 views

portaal.eki.ee XSS vulnerability

Vulnerable URL: http://portaal.eki.ee/component/search/?searchword=ssss==all&s7tdj;%2522%253e%253cscript%253ealert%2528'OPENBUGBOUNTY'%2529%253c%252fscript%253el048m=1 Details: Description| Value ---|--- Patched:| Yes, at 23.02.2017 Latest check for patch:| 23.02.2017 18:21 GMT Vulnerability type...

6.3AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2016/02/08 12:0 a.m.7 views

The vulnerability of the embedded software of the industrial Ethernet switch EKI models 1361, 1362, 1321, 122x, and 1322 allows a intruder to gain access to the device.

The embedded software of the industrial Ethernet switch EKI models 1361, 1362, 1321, 122x, and 1322 contains SSH keys by default. Exploiting this vulnerability allows a malicious actor to gain access to the device by establishing an SSH connection remotely...

10CVSS5.5AI score0.02338EPSS
Exploits0References2Affected Software5
ThreatPost
ThreatPost
added 2016/01/15 10:6 a.m.15 views

Advantech EKI Vulnerable to Bypass, Possible Backdoor

Researchers have uncovered yet another issue–and potential backdoor–in Advantech’s beleaguered EKI-1322 serial device server. The Dropbear SSH daemon associated with the server, because of heavy modifications, fails to enforce authentication. This makes it so any user who wants to bypass...

1.4AI score
Exploits0References5
CNVD
CNVD
added 2016/01/13 12:0 a.m.5 views

Advantech EKI-132x Device Authentication Bypass Vulnerability

Advantech EKI-132x is a serial device networking server from Advantech China that provides various redundant configurations and multiple access configurations for remote monitoring of serial devices via Ethernet communication protocol. A security vulnerability exists in Advantech EKI-132x devices...

10CVSS6.9AI score0.03764EPSS
Exploits0References1
NVD
NVD
added 2016/01/09 2:59 a.m.23 views

CVE-2015-7938

Advantech EKI-132x devices with firmware before 2015-12-31 allow remote attackers to bypass authentication via unspecified vectors...

10CVSS9.7AI score0.03764EPSS
Exploits0References1
Prion
Prion
added 2016/01/09 2:59 a.m.17 views

Authentication flaw

Advantech EKI-132x devices with firmware before 2015-12-31 allow remote attackers to bypass authentication via unspecified vectors...

10CVSS7.6AI score0.03764EPSS
Exploits0References1Affected Software2
CVE
CVE
added 2016/01/09 2:0 a.m.52 views

CVE-2015-7938

Advantech EKI-132x devices running firmware older than 2015-12-31 are affected by an authentication bypass vulnerability (CVE-2015-7938). The issue allows remote attackers to bypass authentication and access the device, with exploits publicly available in the wild. A firmware update released on 2...

10CVSS9.5AI score0.03764EPSS
Exploits0References1Affected Software2
Cvelist
Cvelist
added 2016/01/09 2:0 a.m.28 views

CVE-2015-7938

Advantech EKI-132x devices with firmware before 2015-12-31 allow remote attackers to bypass authentication via unspecified vectors...

9.7AI score0.03764EPSS
Exploits0References1
ThreatPost
ThreatPost
added 2015/12/02 12:29 p.m.11 views

Advantech EKI Vulnerable to Shellshock, Heartbleed

Twice in the past year, security researchers have found and reported critical vulnerabilities in Modbus gateways built by Advantech that are used to connect serial devices in industrial control environments to IP networks. Most recently, independent security researcher Neil Smith found hard-coded...

8.2AI score
Exploits0References9
ICS
ICS
added 2015/11/13 7:0 a.m.35 views

Advantech EKI-1200 Buffer Overflow

OVERVIEW Enrique Nissim and Pablo Lorenzzato from Core Security Engineering Team have identified a buffer overflow vulnerability in Advantech EKI-1200 product line. Advantech has produced a patch that mitigates this vulnerability. CORE Security has tested the patch to validate that it resolves th...

10CVSS7.5AI score0.04045EPSS
Exploits0References10
CNVD
CNVD
added 2015/11/10 12:0 a.m.5 views

SSH Key Vulnerability in Multiple Advantech Products

The Advantech EKI-122x-BE, EKI-132x, and EKI-136x are serial device networking servers from Advantech, China, that provide a variety of redundancy configurations and multiple access configurations for remotely monitoring serial devices via Ethernet communication protocols. A security vulnerabilit...

10CVSS7.2AI score0.02338EPSS
Exploits0References1
Prion
Prion
added 2015/11/07 3:59 a.m.15 views

Hardcoded credentials

Advantech EKI-122x-BE devices with firmware before 1.65, EKI-132x devices with firmware before 1.98, and EKI-136x devices with firmware before 1.27 have hardcoded SSH keys, which makes it easier for remote attackers to obtain access via an SSH session...

10CVSS7.4AI score0.02338EPSS
Exploits0References1Affected Software5
CVE
CVE
added 2015/11/07 2:0 a.m.72 views

CVE-2015-6476

The CVE-2015-6476 vulnerability affects Advantech EKI-122x-BE (firmware <1.65), EKI-132x (firmware <1.98), and EKI-136x (firmware

10CVSS7.1AI score0.02338EPSS
Exploits0References1Affected Software2
ICS
ICS
added 2015/09/12 6:0 a.m.60 views

Advantech EKI Vulnerabilities (Update B)

OVERVIEW This updated advisory is a follow-up to the updated advisory titled ICSA-15-344-01A Advantech EKI Vulnerabilities that was published December 15, 2015, on the NCCIC/ICS-CERT web site. --------- Begin Update B Part 1 of 3 -------- HD Moore of Rapid7 identified several vulnerabilities in...

10AI score
Exploits0References10
ICS
ICS
added 2015/08/08 6:0 a.m.40 views

Advantech EKI Hard-coded SSH Keys Vulnerability

OVERVIEW Independent researcher Neil Smith has identified a hard-coded SSH key vulnerability in Advantech’s EKI-122X series products. Advantech has produced new firmware to mitigate this vulnerability. This vulnerability could be exploited remotely. AFFECTED PRODUCTS Advantech reports that the...

10CVSS6.9AI score0.02338EPSS
Exploits0References10
NVD
NVD
added 2015/02/13 2:59 a.m.18 views

CVE-2014-8385

Buffer overflow on Advantech EKI-1200 gateways with firmware before 1.63 allows remote attackers to execute arbitrary code via unspecified vectors...

10CVSS8.1AI score0.04045EPSS
Exploits0References1
Rows per page
Query Builder