Vulnerabilities (CVE)

Filtered by vendor Advantech Subscribe
Total 302 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2014-2367 1 Advantech 1 Advantech Webaccess 2025-04-12 4.3 MEDIUM N/A
The ChkCookie subroutine in an ActiveX control in broadweb/include/gChkCook.asp in Advantech WebAccess before 7.2 allows remote attackers to read arbitrary files via a crafted call.
CVE-2015-3946 1 Advantech 1 Webaccess 2025-04-12 6.8 MEDIUM 8.8 HIGH
Cross-site request forgery (CSRF) vulnerability in Advantech WebAccess before 8.1 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
CVE-2014-0987 1 Advantech 1 Advantech Webaccess 2025-04-12 6.8 MEDIUM N/A
Stack-based buffer overflow in Advantech WebAccess (formerly BroadWin WebAccess) 7.2 allows remote attackers to execute arbitrary code via the NodeName2 parameter.
CVE-2016-0855 1 Advantech 1 Webaccess 2025-04-12 5.0 MEDIUM 7.5 HIGH
Directory traversal vulnerability in Advantech WebAccess before 8.1 allows remote attackers to list arbitrary virtual-directory files via unspecified vectors.
CVE-2014-2366 1 Advantech 1 Advantech Webaccess 2025-04-12 4.0 MEDIUM N/A
upAdminPg.asp in Advantech WebAccess before 7.2 allows remote authenticated users to discover credentials by reading HTML source code.
CVE-2014-0986 1 Advantech 1 Advantech Webaccess 2025-04-12 6.8 MEDIUM N/A
Stack-based buffer overflow in Advantech WebAccess (formerly BroadWin WebAccess) 7.2 allows remote attackers to execute arbitrary code via the GotoCmd parameter.
CVE-2016-4528 1 Advantech 1 Webaccess 2025-04-12 4.3 MEDIUM 5.0 MEDIUM
Buffer overflow in Advantech WebAccess before 8.1_20160519 allows local users to cause a denial of service via a crafted DLL file.
CVE-2014-0764 1 Advantech 1 Advantech Webaccess 2025-04-12 7.5 HIGH N/A
Stack-based buffer overflow in Advantech WebAccess before 7.2 allows remote attackers to execute arbitrary code via a long NodeName parameter.
CVE-2014-0989 1 Advantech 1 Advantech Webaccess 2025-04-12 6.8 MEDIUM N/A
Stack-based buffer overflow in Advantech WebAccess (formerly BroadWin WebAccess) 7.2 allows remote attackers to execute arbitrary code via the AccessCode2 parameter.
CVE-2014-0988 1 Advantech 1 Advantech Webaccess 2025-04-12 6.8 MEDIUM N/A
Stack-based buffer overflow in Advantech WebAccess (formerly BroadWin WebAccess) 7.2 allows remote attackers to execute arbitrary code via the AccessCode parameter.
CVE-2016-0857 1 Advantech 1 Webaccess 2025-04-12 10.0 HIGH 9.8 CRITICAL
Multiple heap-based buffer overflows in Advantech WebAccess before 8.1 allow remote attackers to execute arbitrary code via unspecified vectors.
CVE-2014-0766 1 Advantech 1 Advantech Webaccess 2025-04-12 7.5 HIGH N/A
Stack-based buffer overflow in Advantech WebAccess before 7.2 allows remote attackers to execute arbitrary code via a long NodeName2 argument.
CVE-2014-2368 1 Advantech 1 Advantech Webaccess 2025-04-12 5.0 MEDIUM N/A
The BrowseFolder method in the bwocxrun ActiveX control in Advantech WebAccess before 7.2 allows remote attackers to read arbitrary files via a crafted call.
CVE-2014-0770 1 Advantech 1 Advantech Webaccess 2025-04-12 7.5 HIGH N/A
Stack-based buffer overflow in Advantech WebAccess before 7.2 allows remote attackers to execute arbitrary code via a long UserName parameter.
CVE-2014-2365 1 Advantech 1 Advantech Webaccess 2025-04-12 5.5 MEDIUM N/A
Unspecified vulnerability in Advantech WebAccess before 7.2 allows remote authenticated users to create or delete arbitrary files via unknown vectors.
CVE-2015-3948 1 Advantech 1 Webaccess 2025-04-12 3.5 LOW 5.4 MEDIUM
Cross-site scripting (XSS) vulnerability in Advantech WebAccess before 8.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
CVE-2014-8387 1 Advantech 2 Eki-6340, Eki-6340 Firmware 2025-04-12 9.0 HIGH N/A
cgi/utility.cgi in Advantech EKI-6340 2.05 Wi-Fi Mesh Access Point allows remote authenticated users to execute arbitrary commands via shell metacharacters in the pinghost parameter to ping.cgi.
CVE-2015-7938 1 Advantech 4 Eki-1321, Eki-1321 Series Firmware, Eki-1322 and 1 more 2025-04-12 10.0 HIGH 9.8 CRITICAL
Advantech EKI-132x devices with firmware before 2015-12-31 allow remote attackers to bypass authentication via unspecified vectors.
CVE-2016-0853 1 Advantech 1 Webaccess 2025-04-12 5.0 MEDIUM 7.5 HIGH
Advantech WebAccess before 8.1 allows remote attackers to obtain sensitive information via crafted input.
CVE-2014-0992 1 Advantech 1 Advantech Webaccess 2025-04-12 6.8 MEDIUM N/A
Stack-based buffer overflow in Advantech WebAccess (formerly BroadWin WebAccess) 7.2 allows remote attackers to execute arbitrary code via the password parameter.