Advantech Webaccess Security Vulnerabilities and Issues — Advantech Webaccess CVE List

Lucene search

AdvantechAdvantech Webaccess

12 matches found

CVE•added 2014/09/20 10:55 a.m.•65 views

CVE-2014-0991

Stack-based buffer overflow in Advantech WebAccess (formerly BroadWin WebAccess) 7.2 allows remote attackers to execute arbitrary code via the projectname parameter.

6.8CVSS8.1AI score0.01693EPSS

CVE•added 2014/09/20 10:55 a.m.•57 views

CVE-2014-0986

Stack-based buffer overflow in Advantech WebAccess (formerly BroadWin WebAccess) 7.2 allows remote attackers to execute arbitrary code via the GotoCmd parameter.

6.8CVSS8.1AI score0.01693EPSS

CVE•added 2014/09/20 10:55 a.m.•54 views

CVE-2014-0988

Stack-based buffer overflow in Advantech WebAccess (formerly BroadWin WebAccess) 7.2 allows remote attackers to execute arbitrary code via the AccessCode parameter.

6.8CVSS8.1AI score0.01693EPSS

CVE•added 2014/09/20 10:55 a.m.•52 views

CVE-2014-0985

Stack-based buffer overflow in Advantech WebAccess (formerly BroadWin WebAccess) 7.2 allows remote attackers to execute arbitrary code via the NodeName parameter.

6.8CVSS8.1AI score0.01693EPSS

CVE•added 2012/02/21 1:31 p.m.•51 views

CVE-2012-1234

SQL injection vulnerability in Advantech/BroadWin WebAccess 7.0 allows remote authenticated users to execute arbitrary SQL commands via a malformed URL. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-0234.

6.5CVSS8.1AI score0.00228EPSS

CVE•added 2012/02/21 1:31 p.m.•47 views

CVE-2012-0237

Advantech/BroadWin WebAccess before 7.0 allows remote attackers to (1) enable date and time syncing or (2) disable date and time syncing via a crafted URL.

6.4CVSS6.7AI score0.00241EPSS

CVE•added 2012/02/21 1:31 p.m.•46 views

CVE-2012-0235

Cross-site request forgery (CSRF) vulnerability in Advantech/BroadWin WebAccess before 7.0 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.

6CVSS7.1AI score0.00069EPSS

CVE•added 2014/09/20 10:55 a.m.•45 views

CVE-2014-0992

Stack-based buffer overflow in Advantech WebAccess (formerly BroadWin WebAccess) 7.2 allows remote attackers to execute arbitrary code via the password parameter.

6.8CVSS8.2AI score0.01693EPSS

CVE•added 2014/09/20 10:55 a.m.•43 views

CVE-2014-0987

Stack-based buffer overflow in Advantech WebAccess (formerly BroadWin WebAccess) 7.2 allows remote attackers to execute arbitrary code via the NodeName2 parameter.

6.8CVSS8.1AI score0.01693EPSS

CVE•added 2014/09/20 10:55 a.m.•40 views

CVE-2014-0989

Stack-based buffer overflow in Advantech WebAccess (formerly BroadWin WebAccess) 7.2 allows remote attackers to execute arbitrary code via the AccessCode2 parameter.

6.8CVSS8.1AI score0.01693EPSS

CVE•added 2012/02/21 1:31 p.m.•39 views

CVE-2012-1235

Cross-site request forgery (CSRF) vulnerability in Advantech/BroadWin WebAccess 7.0 allows remote authenticated users to hijack the authentication of unspecified victims via unknown vectors. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-0235.

6CVSS6.8AI score0.00069EPSS

CVE•added 2014/09/20 10:55 a.m.•38 views

CVE-2014-0990

Stack-based buffer overflow in Advantech WebAccess (formerly BroadWin WebAccess) 7.2 allows remote attackers to execute arbitrary code via the UserName parameter.

6.8CVSS8.1AI score0.01693EPSS