Lucene search
K

3452 matches found

Vulnrichment
Vulnrichment
added 2025/12/18 8:38 p.m.5 views

CVE-2025-67653 Advantech WebAccess/SCADA Path Traversal

Advantech WebAccess/SCADA is vulnerable to directory traversal, which may allow an attacker to determine the existence of arbitrary files...

5.3CVSS6.6AI score0.00609EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/12/18 8:38 p.m.25 views

CVE-2025-67653 Advantech WebAccess/SCADA Path Traversal

Advantech WebAccess/SCADA is vulnerable to directory traversal, which may allow an attacker to determine the existence of arbitrary files...

5.3CVSS0.00609EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/12/18 8:35 p.m.21 views

CVE-2025-46268 Advantech WebAccess/SCADA SQL Injection

Advantech WebAccess/SCADA is vulnerable to SQL injection, which may allow an attacker to execute arbitrary SQL commands...

6.3CVSS0.0028EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/12/18 8:34 p.m.24 views

CVE-2025-14848 Advantech WebAccess/SCADA Absolute Path Traversal

Advantech WebAccess/SCADA is vulnerable to absolute directory traversal, which may allow an attacker to determine the existence of arbitrary files...

5.3CVSS0.00558EPSS
Exploits0References3
CVE
CVE
added 2025/12/18 8:34 p.m.17 views

CVE-2025-14848

Advantech WebAccess/SCADA is affected by an absolute directory traversal vulnerability that may allow an attacker to determine the existence of arbitrary files. Affected product: Advantech WebAccess/SCADA. Root cause: absolute path traversal leading to potential information disclosure. Impact: al...

5.3CVSS6.6AI score0.00558EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2025/12/18 8:32 p.m.2 views

CVE-2025-14849 Advantech WebAccess/SCADA Unrestricted Upload of File with Dangerous Type

Advantech WebAccess/SCADA is vulnerable to unrestricted file upload, which may allow an attacker to remotely execute arbitrary code...

8.8CVSS7.1AI score0.00531EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/12/18 8:32 p.m.24 views

CVE-2025-14849 Advantech WebAccess/SCADA Unrestricted Upload of File with Dangerous Type

Advantech WebAccess/SCADA is vulnerable to unrestricted file upload, which may allow an attacker to remotely execute arbitrary code...

8.8CVSS0.00531EPSS
Exploits0References3
CVE
CVE
added 2025/12/18 8:32 p.m.22 views

CVE-2025-14849

CVE-2025-14849 affects Advantech WebAccess/SCADA. The vulnerability is an unrestricted file upload that could allow remote code execution. Public details in the provided documents do not specify affected versions or a patch; exploitation details are not disclosed.

9.8CVSS7.1AI score0.00531EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2025/12/18 8:24 p.m.16 views

CVE-2025-13911

CVE-2025-13911 affects Inductive Automation Ignition SCADA, where Python scripting is used for automation. The root cause is insufficient controls on which Python libraries can be imported/executed within the scripting environment, paired with an Ignition service account that has system-level Win...

7.3CVSS6.8AI score0.00221EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/12/18 12:0 a.m.10 views

PT-2025-52337

Name of the Vulnerable Software and Affected Versions Advantech WebAccess/SCADA affected versions not specified Description Advantech WebAccess/SCADA is susceptible to a SQL injection issue. Successful exploitation could allow an attacker to execute arbitrary SQL commands. Recommendations At the...

6.3CVSS7.7AI score0.0028EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/12/18 12:0 a.m.5 views

Advantech WebAccess/SCADA 路径遍历漏洞

Advantech WebAccess/SCADA is a set of SCADA software based on browser architecture from Advantech, China. The software supports dynamic graphical display and real-time data control, and provides remote control and management of automation equipment. Advantech WebAccess/SCADA suffers from a...

7.5CVSS6AI score0.00609EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/12/18 12:0 a.m.8 views

PT-2025-52334

Name of the Vulnerable Software and Affected Versions Advantech WebAccess/SCADA affected versions not specified Description Advantech WebAccess/SCADA is susceptible to an absolute directory traversal issue. This flaw could allow an attacker to identify the existence of arbitrary files...

5.3CVSS6.4AI score0.00558EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/12/18 12:0 a.m.7 views

Advantech WebAccess/SCADA SQL注入漏洞

Advantech WebAccess/SCADA is a set of SCADA software based on browser architecture from Advantech, China. The software supports dynamic graphical display and real-time data control, and provides remote control and management of automation equipment. An SQL injection vulnerability exists in...

8.8CVSS6.2AI score0.0028EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/12/18 12:0 a.m.4 views

Advantech WebAccess/SCADA 路径遍历漏洞

Advantech WebAccess/SCADA is a set of SCADA software based on browser architecture from Advantech, China. The software supports dynamic graphical display and real-time data control, and provides remote control and management of automation equipment. A directory traversal vulnerability exists in...

9.1CVSS6AI score0.00807EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/12/18 12:0 a.m.4 views

PT-2025-52336

Name of the Vulnerable Software and Affected Versions Advantech WebAccess/SCADA affected versions not specified Description Advantech WebAccess/SCADA is susceptible to a directory traversal issue. This could allow an attacker to delete arbitrary files. Recommendations At the moment, there is no...

8.1CVSS6.5AI score0.00807EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/12/18 12:0 a.m.9 views

PT-2025-52333

Name of the Vulnerable Software and Affected Versions Ignition SCADA applications affected versions not specified Description The issue concerns Ignition SCADA applications utilizing Python scripting for automation. A lack of security controls regarding Python library imports and execution allows...

7.3CVSS7AI score0.00221EPSS
Exploits0References6
CISA KEV Catalog
CISA KEV Catalog
added 2025/12/03 12:0 a.m.13 views

OpenPLC ScadaBR Unrestricted Upload of File with Dangerous Type Vulnerability

OpenPLC ScadaBR contains an unrestricted upload of file with dangerous type vulnerability that allows remote authenticated users to upload and execute arbitrary JSP files via viewedit.shtm...

8.8CVSS7.5AI score0.39096EPSS
In wildExploits8
RedhatCVE
RedhatCVE
added 2025/12/01 4:17 p.m.5 views

CVE-2025-13791

A vulnerability was identified in Scada-LTS up to 2.7.8.1. Affected is the function Common.getHomeDir of the file br/org/scadabr/vo/exporter/ZIPProjectManager.java of the component Project Import. Such manipulation leads to path traversal. The attack may be launched remotely. The exploit is...

6.5CVSS6.6AI score0.00414EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/12/01 3:19 p.m.7 views

CVE-2025-13790

A vulnerability was determined in Scada-LTS up to 2.7.8.1. This impacts an unknown function. This manipulation causes cross-site request forgery. The attack may be initiated remotely. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure...

8.8CVSS6.4AI score0.00225EPSS
Exploits1References1
NVD
NVD
added 2025/11/30 4:15 p.m.10 views

CVE-2025-13791

A vulnerability was identified in Scada-LTS up to 2.7.8.1. Affected is the function Common.getHomeDir of the file br/org/scadabr/vo/exporter/ZIPProjectManager.java of the component Project Import. Such manipulation leads to path traversal. The attack may be launched remotely. The exploit is...

6.5CVSS0.00414EPSS
Exploits1References5
Rows per page
Query Builder