Eki-1522 Firmware Security Vulnerabilities and Issues — Eki-1522 Firmware CVE List

cve

CVE-2023-2573

Advantech EKI-1524, EKI-1522, EKI-1521 devices through 1.21 are affected by an command injection vulnerability in the NTP server input field, which can be triggered by authenticated users via a crafted POST request.

8.8CVSS

8.6AI Score

0.026EPSS

2023-05-08 01:15 PM

23

cve

CVE-2023-2574

Advantech EKI-1524, EKI-1522, EKI-1521 devices through 1.21 are affected by an command injection vulnerability in the device name input field, which can be triggered by authenticated users via a crafted POST request.

8.8CVSS

8.6AI Score

0.026EPSS

2023-05-08 01:15 PM

22

cve

CVE-2023-2575

Advantech EKI-1524, EKI-1522, EKI-1521 devices through 1.21 are affected by a Stack-based Buffer Overflow vulnerability, which can be triggered by authenticated users via a crafted POST request.

8.8CVSS

8.5AI Score

0.004EPSS

2023-05-08 01:15 PM

22

cve

CVE-2023-4202

Advantech EKI-1524, EKI-1522, EKI-1521 devices through 1.21 are affected by a Stored Cross-Site Scripting vulnerability, which can be triggered by authenticated users in the device name field of the web-interface.

9CVSS

5.2AI Score

0.001EPSS

2023-08-08 11:15 AM

24

cve

CVE-2023-4203

Advantech EKI-1524, EKI-1522, EKI-1521 devices through 1.21 are affected by a Stored Cross-Site Scripting vulnerability, which can be triggered by authenticated users in the ping tool of the web-interface.

9CVSS

5.2AI Score

0.001EPSS

2023-08-08 11:15 AM

28

Eki-1522 Firmware Security Vulnerabilities - 2023