96 matches found
CVE-2020-10617
There are multiple ways an unauthenticated attacker could perform SQL injection on WebAccess/NMS versions prior to 3.0.2 to gain access to sensitive information...
CVE-2020-10603
WebAccess/NMS versions prior to 3.0.2 does not properly sanitize user input and may allow an attacker to inject system commands remotely...
CVE-2020-10621
Multiple issues exist that allow files to be uploaded and executed on the WebAccess/NMS versions prior to 3.0.2...
CVE-2020-10629
WebAccess/NMS versions prior to 3.0.2 does not sanitize XML input. Specially crafted XML input could allow an attacker to read sensitive files...
EUVD-2020-3073
Malware in sbrugna...
EUVD-2021-19672
Malware in sbrugna...
EUVD-2020-3069
Malware in sbrugna...
EUVD-2020-3051
Malware in sbrugna...
EUVD-2020-3077
Malware in sbrugna...
CVE-2020-10623
Multiple vulnerabilities could allow an attacker with low privileges to perform SQL injection on WebAccess/NMS versions prior to 3.0.2 to gain access to sensitive information...
CVE-2021-32951
WebAccess/NMS Versions prior to v3.0.3Build6299 has an improper authentication vulnerability, which may allow unauthorized users to view resources monitored and controlled by the WebAccess/NMS, as well as IP addresses and names of all the devices managed via WebAccess/NMS...
CVE-2021-32951
WebAccess/NMS Versions prior to v3.0.3Build6299 has an improper authentication vulnerability, which may allow unauthorized users to view resources monitored and controlled by the WebAccess/NMS, as well as IP addresses and names of all the devices managed via WebAccess/NMS...
CVE-2021-32951
CVE-2021-32951 affects Advantech WebAccess/NMS versions prior to 3.0.3_Build6299, exposing an improper authentication vulnerability that may allow an unauthenticated attacker to view resources monitored and controlled by WebAccess/NMS, including IP addresses and names of all managed devices. The ...
Advantech WebAccess/NMS Authorization Issue Vulnerability
Advantech WebAccess/NMS is a Web browser-based network management system NMS software package from Advantech, Taiwan, China.Advantech WebAccess/NMS is vulnerable to an authorization issue in versions prior to v3.0.3Build6299, which stems from the fact that the affected product has incorrect...
Advantech WebAccess/NMS
1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Advantech Equipment: WebAccess/NMS Vulnerability: Improper Authentication 2. RISK EVALUATION Successful exploitation of this vulnerability could lead to the exposure of resources or functionality and...
(0Day) Advantech WebAccess/NMS DashBoardAction Missing Authentication Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Advantech WebAccess/NMS. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of the DashBoardAction endpoint of the web server. The...
CVE-2020-10623
Multiple vulnerabilities could allow an attacker with low privileges to perform SQL injection on WebAccess/NMS versions prior to 3.0.2 to gain access to sensitive information...
CVE-2020-10623
Multiple vulnerabilities could allow an attacker with low privileges to perform SQL injection on WebAccess/NMS versions prior to 3.0.2 to gain access to sensitive information...
CVE-2020-10629
WebAccess/NMS versions prior to 3.0.2 does not sanitize XML input. Specially crafted XML input could allow an attacker to read sensitive files...
CVE-2020-10631
An attacker could use a specially crafted URL to delete or read files outside the WebAccess/NMS's versions prior to 3.0.2 control...