Advantech DeviceOn/iEdge Path Traversal Vulnerability

Advantech DeviceOn/iEdge is an edge device remote management and operation and maintenance platform from Advantech, Taiwan, China. A path traversal vulnerability exists in Advantech DeviceOn/iEdge, which can be exploited by an attacker to read arbitrary files or bypass authentication...

Advantech DeviceOn/iEdge Path Traversal Vulnerability (CNVD-2026-11788)

Advantech DeviceOn/iEdge is a remote management and operation and maintenance platform for edge devices from Advantech, Taiwan, China. Advantech DeviceOn/iEdge suffers from a path traversal vulnerability that is caused by allowing the upload of specially crafted configuration files. An attacker...

Advantech DeviceOn/iEdge Path Traversal Vulnerability (CNVD-2026-11789)

Advantech DeviceOn/iEdge is a remote management and operation and maintenance platform for edge devices from Advantech, Taiwan, China. Advantech DeviceOn/iEdge suffers from a path traversal vulnerability that can be exploited by an attacker to upload a specially crafted configuration file for...

Advantech DeviceOn/iEdge Cross-Site Scripting Vulnerability

Advantech DeviceOn/iEdge is a remote management and operation and maintenance platform for edge devices from Advantech, Taiwan, China. A cross-site scripting vulnerability exists in Advantech DeviceOn/iEdge, which stems from insufficient cleanup of dashboard labels or path inputs, and can be...

CVE-2025-58423

CVE-2025-58423 affects Advantech DeviceOn/iEdge; root cause is insufficient sanitization of inputs, enabling a path traversal that can cause a Denial of Service, directory traversal, or read/write of files in the context of the local system account. Public sources (CNNVD/NVD) indicate impact up t...

CVE-2025-58423 Advantech DeviceOn/iEdge Path Traversal

Due to insufficient sanitization, an attacker can upload a specially crafted configuration file to cause a denial-of-service condition, traverse directories, or read/write files, within the context of the local system account...

CVE-2025-58423 Advantech DeviceOn/iEdge Path Traversal

Due to insufficient sanitization, an attacker can upload a specially crafted configuration file to cause a denial-of-service condition, traverse directories, or read/write files, within the context of the local system account...

CVE-2025-59171 Advantech DeviceOn/iEdge Path Traversal

Due to insufficient sanitization, an attacker can upload a specially crafted configuration file to traverse directories and achieve remote code execution with system-level permissions...

CVE-2025-59171 Advantech DeviceOn/iEdge Path Traversal

Due to insufficient sanitization, an attacker can upload a specially crafted configuration file to traverse directories and achieve remote code execution with system-level permissions...

CVE-2025-59171

CVE-2025-59171 affects Advantech DeviceOn/iEdge. The issue is caused by insufficient sanitization in the dashboard label or path, allowing an attacker to upload a specially crafted configuration file to traverse directories and achieve remote code execution with system-level permissions. Public s...

CVE-2025-62630 Advantech DeviceOn/iEdge Path Traversal

Due to insufficient sanitization, an attacker can upload a specially crafted configuration file to traverse directories and achieve remote code execution with system-level permissions...

CVE-2025-62630 Advantech DeviceOn/iEdge Path Traversal

Due to insufficient sanitization, an attacker can upload a specially crafted configuration file to traverse directories and achieve remote code execution with system-level permissions...

CVE-2025-62630

Summary (CVE-2025-62630 – Advantech DeviceOn/iEdge) : A path traversal vulnerability exists due to insufficient sanitization in the DeviceOn/iEdge dashboard label/path, enabling an unauthenticated attacker to upload a crafted configuration file, traverse directories, and trigger remote code execu...

CVE-2025-64302 Advantech DeviceOn/iEdge Cross-site Scripting

Insufficient input sanitization in the dashboard label or path can allow an attacker to trigger a device error causing information disclosure or data manipulation...

CVE-2025-64302

The CVE-2025-64302 entry concerns Advantech DeviceOn/iEdge (edge device). The root cause is insufficient input sanitization of dashboard labels/paths, which can allow an attacker to trigger a device error and cause information disclosure or data manipulation . Some connected reports also describe...

CVE-2025-64302 Advantech DeviceOn/iEdge Cross-site Scripting

Insufficient input sanitization in the dashboard label or path can allow an attacker to trigger a device error causing information disclosure or data manipulation...

CISA Releases Four Industrial Control Systems Advisories

CISA released four Industrial Control Systems ICS Advisories. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-310-01 Advantech DeviceOn iEdge ICSA-25-310-02 Ubia Ubox ICSA-25-310-03 ABB FLXeon Controllers...

Advantech DeviceOn/iEdge 路径遍历漏洞

Advantech DeviceOn/iEdge is a remote management and operation and maintenance platform for edge devices from Advantech, Taiwan, China. Advantech DeviceOn/iEdge suffers from a path traversal vulnerability that is caused by allowing the upload of specially crafted configuration files. An attacker...

Advantech DeviceOn/iEdge 路径遍历漏洞

Advantech DeviceOn/iEdge is an edge device remote management and operation and maintenance platform from Advantech, Taiwan, China. A path traversal vulnerability exists in Advantech DeviceOn/iEdge, which can be exploited by an attacker to read arbitrary files or bypass authentication...

Advantech DeviceOn/iEdge 跨站脚本漏洞

Advantech DeviceOn/iEdge is a remote management and operation and maintenance platform for edge devices from Advantech, Taiwan, China. A cross-site scripting vulnerability exists in Advantech DeviceOn/iEdge, which stems from insufficient cleanup of dashboard labels or path inputs, and can be...