Advantech Webaccess Security Vulnerabilities and Issues — Advantech Webaccess CVE List

Lucene search

AdvantechAdvantech Webaccess

5 matches found

CVE•added 2014/07/19 5:9 a.m.•61 views

CVE-2014-2367

The ChkCookie subroutine in an ActiveX control in broadweb/include/gChkCook.asp in Advantech WebAccess before 7.2 allows remote attackers to read arbitrary files via a crafted call.

4.3CVSS6.7AI score0.00313EPSS

CVE•added 2014/07/19 5:9 a.m.•55 views

CVE-2014-2368

The BrowseFolder method in the bwocxrun ActiveX control in Advantech WebAccess before 7.2 allows remote attackers to read arbitrary files via a crafted call.

5CVSS6.7AI score0.00289EPSS

CVE•added 2014/07/19 5:9 a.m.•54 views

CVE-2014-2364

Multiple stack-based buffer overflows in Advantech WebAccess before 7.2 allow remote attackers to execute arbitrary code via a long string in the (1) ProjectName, (2) SetParameter, (3) NodeName, (4) CCDParameter, (5) SetColor, (6) AlarmImage, (7) GetParameter, (8) GetColor, (9) ServerResponse, (10)...

7.5CVSS7.6AI score0.39104EPSS

CVE•added 2014/07/19 5:9 a.m.•50 views

CVE-2014-2366

upAdminPg.asp in Advantech WebAccess before 7.2 allows remote authenticated users to discover credentials by reading HTML source code.

4CVSS6.2AI score0.00246EPSS

CVE•added 2014/07/19 5:9 a.m.•45 views

CVE-2014-2365

Unspecified vulnerability in Advantech WebAccess before 7.2 allows remote authenticated users to create or delete arbitrary files via unknown vectors.

5.5CVSS6.4AI score0.00275EPSS