EUVD-2021-21192

Malware in sbrugna...

CVE-2021-34540

Advantech WebAccess 8.4.2 and 8.4.4 allows XSS via the username column of the bwRoot.asp page of WADashboard...

Cross site scripting

Advantech WebAccess 8.4.2 and 8.4.4 allows XSS via the username column of the bwRoot.asp page of WADashboard...

CVE-2021-34540

Affected software: Advantech WebAccess 8.4.2 and 8.4.4. Vulnerability: Cross-site scripting (XSS) via the username field on the bwRoot.asp page of the WADashboard. Root cause/condition: reflected/injected XSS context is implied by the description, but explicit technical details about the root cau...

Advantech WebAccess 跨站脚本漏洞

Advantech WebAccess is a set of HMI/SCADA software based on browser architecture from Advantech, Taiwan, China. The software supports dynamic graphic display and real-time data control, and provides remote control and management of automation equipment. A security vulnerability exists in Advantec...

CVE-2020-25161

The WADashboard component of WebAccess/SCADA Versions 9.0 and prior may allow an attacker to control or influence a path used in an operation on the filesystem and remotely execute code as an administrator...

CVE-2020-25161

The WADashboard component of WebAccess/SCADA Versions 9.0 and prior may allow an attacker to control or influence a path used in an operation on the filesystem and remotely execute code as an administrator...

Path traversal

The WADashboard component of WebAccess/SCADA Versions 9.0 and prior may allow an attacker to control or influence a path used in an operation on the filesystem and remotely execute code as an administrator...

CVE-2020-25161

The WADashboard component of WebAccess/SCADA Versions 9.0 and prior may allow an attacker to control or influence a path used in an operation on the filesystem and remotely execute code as an administrator...

Advantech WebAccess/SCADA WADashboard External Control of File Path Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess/SCADA. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the WADashboard...

Advantech WebAccess WADashboard API Path Traversal Vulnerability

Advantech WebAccess is a set of HMI/SCADA software based on browser architecture from Advantech. The software supports dynamic graphical displays and real-time data control, and provides remote control and management of automation devices.WADashboard API is one of the dashboard API components. A...

Advantech WebAccess WADashboard API 'readFile' Method Path Traversal Vulnerability

Advantech WebAccess is a set of HMI/SCADA software based on browser architecture from Advantech. The software supports dynamic graphical displays and real-time data control, and provides remote control and management of automation devices.WADashboard API is one of the dashboard API components. A...

CVE-2018-15706

WADashboard API in Advantech WebAccess 8.3.1 and 8.3.2 allows remote authenticated attackers to read any file on the filesystem due to a directory traversal vulnerability in the readFile API...

CVE-2018-15706

WADashboard API in Advantech WebAccess 8.3.1 and 8.3.2 allows remote authenticated attackers to read any file on the filesystem due to a directory traversal vulnerability in the readFile API...

CVE-2018-15705

WADashboard API in Advantech WebAccess 8.3.1 and 8.3.2 allows remote authenticated attackers to write or overwrite any file on the filesystem due to a directory traversal vulnerability in the writeFile API. An attacker can use this vulnerability to remotely execute arbitrary code...

Directory traversal

WADashboard API in Advantech WebAccess 8.3.1 and 8.3.2 allows remote authenticated attackers to read any file on the filesystem due to a directory traversal vulnerability in the readFile API...

CVE-2018-15706

WADashboard API in Advantech WebAccess 8.3.1 and 8.3.2 allows remote authenticated attackers to read any file on the filesystem due to a directory traversal vulnerability in the readFile API...

CVE-2018-15705

WADashboard API in Advantech WebAccess 8.3.1 and 8.3.2 allows remote authenticated attackers to write or overwrite any file on the filesystem due to a directory traversal vulnerability in the writeFile API. An attacker can use this vulnerability to remotely execute arbitrary code...