420 matches found
Exploit for CVE-2025-52694
CVE-2025-52694: Advantech SaaS Composer SQL Injection This re...
CVE-2021-27437
The affected product allows attackers to obtain sensitive information from the WISE-PaaS dashboard. The system contains a hard-coded administrator username and password that can be used to query Grafana APIs. Authentication is not required for exploitation on the WISE-PaaS/RMM versions prior to...
CVE-2019-18229
Advantech WISE-PaaS/RMM, Versions 3.3.29 and prior. Lack of sanitization of user-supplied input cause SQL injection vulnerabilities. An attacker can leverage these vulnerabilities to disclose information...
MeLeMaD: Adaptive Malware Detection Via Chunk-Wise Feature Selection and Meta-Learning
Confronting the substantial challenges of malware detection in cybersecurity necessitates solutions that are both robust and adaptable to the ever-evolving threat environment. The paper introduces Meta Learning Malware Detection MeLeMaD, a novel framework leveraging the adaptability and...
Advantech WISE-DeviceOn Server Cross-Site Scripting Vulnerability (CNVD-2025-3097104)
Advantech WISE-DeviceOn Server is Advantech's next-generation unified device management solution based on the WISE-DeviceOn platform. Advantech WISE-DeviceOn Server suffers from a cross-site scripting vulnerability, which stems from the lack of effective filtering and escaping of user-supplied da...
Advantech WISE-DeviceOn Server Cross-Site Scripting Vulnerability (CNVD-2025-3097005)
Advantech WISE-DeviceOn Server is Advantech's next-generation unified device management solution based on the WISE-DeviceOn platform. Advantech WISE-DeviceOn Server suffers from a cross-site scripting vulnerability that originates from the lack of effective filtering and escaping of user-supplied...
Advantech WISE-DeviceOn Server Cross-Site Scripting Vulnerability
Advantech WISE-DeviceOn Server is Advantech's next-generation unified device management solution based on the WISE-DeviceOn platform. Advantech WISE-DeviceOn Server suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data...
Advantech WISE-DeviceOn Server Cross-Site Scripting Vulnerability (CNVD-2025-3096906)
Advantech WISE-DeviceOn Server is Advantech's next-generation unified device management solution based on the WISE-DeviceOn platform. Advantech WISE-DeviceOn Server suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data...
Advantech WISE-DeviceOn Server Cross-Site Scripting Vulnerability (CNVD-2025-3097203)
Advantech WISE-DeviceOn Server is Advantech's next-generation unified device management solution based on the WISE-DeviceOn platform. Advantech WISE-DeviceOn Server suffers from a cross-site scripting vulnerability, which stems from the lack of effective filtering and escaping of user-supplied da...
Advantech WISE-DeviceOn Server Cross-Site Scripting Vulnerability (CNVD-2025-3097798)
Advantech WISE-DeviceOn Server is Advantech's next-generation unified device management solution based on the WISE-DeviceOn platform. Advantech WISE-DeviceOn Server suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data...
Advantech WISE-DeviceOn Server Hard-Coded Encryption Key Vulnerability
Advantech WISE-DeviceOn Server is Advantech's next-generation unified device management solution based on the WISE-DeviceOn platform. Advantech WISE-DeviceOn Server suffers from a hard-coded encryption key vulnerability that can be exploited by an attacker to impersonate an arbitrary account...
Advantech WISE-DeviceOn Server Cross-Site Scripting Vulnerability (CNVD-2025-3097500)
Advantech WISE-DeviceOn Server is Advantech's next-generation unified device management solution based on the WISE-DeviceOn platform. Advantech WISE-DeviceOn Server suffers from a cross-site scripting vulnerability that originates from the lack of effective filtering and escaping of user-supplied...
Advantech WISE-DeviceOn Server Cross-Site Scripting Vulnerability (CNVD-2025-3097401)
Advantech WISE-DeviceOn Server is Advantech's next-generation unified device management solution based on the WISE-DeviceOn platform. Advantech WISE-DeviceOn Server suffers from a cross-site scripting vulnerability that originates from the lack of effective filtering and escaping of user-supplied...
Advantech WISE-DeviceOn Server Cross-Site Scripting Vulnerability (CNVD-2025-3097699)
Advantech WISE-DeviceOn Server is Advantech's next-generation unified device management solution based on the WISE-DeviceOn platform. Advantech WISE-DeviceOn Server suffers from a cross-site scripting vulnerability, which stems from the lack of effective filtering and escaping of user-supplied da...
CVE-2025-34262
Advantech WISE-DeviceOn Server versions prior to 5.4 contain a stored cross-site scripting XSS vulnerability in the /rmm/v1/devices/name/agentid endpoint. When an authenticated user renames a device, the newname value is stored and later rendered in device listings or detail views without proper...
CVE-2025-34261
Advantech WISE-DeviceOn Server versions prior to 5.4 contain a stored cross-site scripting XSS vulnerability in the /rmm/v1/devicegroups/ endpoint. When an authenticated user creates a device group, the name and description values are stored and later rendered in device group listings without...
CVE-2025-34265
Advantech WISE-DeviceOn Server versions prior to 5.4 contain a stored cross-site scripting XSS vulnerability in the /rmm/v1/rule-engines endpoint. When an authenticated user creates or updates a rule for an agent, the rule fields min, max, and unit are stored and later rendered in rule listings o...
CVE-2025-34263
Advantech WISE-DeviceOn Server versions prior to 5.4 contain a stored cross-site scripting XSS vulnerability in the /rmm/v1/plugin-config/dashboards/menus endpoint. When an authenticated user adds or edits a dashboard entry, the label and path values are stored in plugin configuration data and...
CVE-2025-34257
Advantech WISE-DeviceOn Server versions prior to 5.4 contain a stored cross-site scripting XSS vulnerability in the /rmm/v1/action/defined endpoint. When an authenticated user creates a task, the definedname value is stored and later rendered in the Overview page without HTML sanitization. An...
CVE-2025-34259
Advantech WISE-DeviceOn Server versions prior to 5.4 contain a stored cross-site scripting XSS vulnerability in the /rmm/v1/devicemap/building endpoint. When an authenticated user creates a map entry, the name parameter is stored and later rendered in the map list UI without HTML sanitzation. An...