CVE-2023-5642 – Advantech R-SeeNet Unauthenticated Read/Write
https://notcve.org/view.php?id=CVE-2023-5642
Advantech R-SeeNet v2.4.23 allows an unauthenticated remote attacker to read from and write to the snmpmon.ini file, which contains sensitive information. Advantech R-SeeNet v2.4.23 permite a un atacante remoto no autenticado leer y escribir en el archivo snmpmon.ini, que contiene información confidencial. • https://tenable.com/security/research/tra-2023-33 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2023-2611 – Advantech R-SeeNet Use of Hard-coded Credentials
https://notcve.org/view.php?id=CVE-2023-2611
Advantech R-SeeNet versions 2.4.22 is installed with a hidden root-level user that is not available in the users list. This hidden user has a password that cannot be changed by users. This vulnerability allows remote attackers to bypass authentication on affected installations of Advantech R-SeeNet. Authentication is not required to exploit this vulnerability. The specific flaw exists within the configuration of the database. The issue results from the existence of an additional user in the database that is not visible in the web application. • https://www.cisa.gov/news-events/ics-advisories/icsa-23-173-02 • CWE-798: Use of Hard-coded Credentials •
CVE-2023-3256 – Advantech R-SeeNet External Control of File Name or Path
https://notcve.org/view.php?id=CVE-2023-3256
Advantech R-SeeNet versions 2.4.22 allows low-level users to access and load the content of local files. This vulnerability allows remote attackers to escalate privileges on affected installations of Advantech R-SeeNet. Authentication is required to exploit this vulnerability. The specific flaw exists within the device_status page. The issue results from the lack of proper validation of user-supplied data prior to passing it to a PHP include function. An attacker can leverage this vulnerability to escalate privileges to resources normally protected from the user. • https://www.cisa.gov/news-events/ics-advisories/icsa-23-173-02 • CWE-73: External Control of File Name or Path CWE-610: Externally Controlled Reference to a Resource in Another Sphere •
CVE-2022-3386 – Advantech R-SeeNet out Endpoint Stack-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-3386
Advantech R-SeeNet Versions 2.4.17 and prior are vulnerable to a stack-based buffer overflow. An unauthorized attacker can use an outsized filename to overflow the stack buffer and enable remote code execution. Las versiones 2.4.17 y anteriores de Advantech R-SeeNet son vulnerables a un Desbordamiento del Búfer. Un atacante no autorizado puede utilizar un nombre de archivo de gran tamaño para Desbordamiento del Búfer y permitir la ejecución remota de código. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech R-SeeNet. • https://www.cisa.gov/uscert/ics/advisories/icsa-22-291-01 • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVE-2022-3387 – Advantech R-SeeNet out.php Directory Traversal Arbitrary File Read and Deletion Vulnerability
https://notcve.org/view.php?id=CVE-2022-3387
Advantech R-SeeNet Versions 2.4.19 and prior are vulnerable to path traversal attacks. An unauthorized attacker could remotely exploit vulnerable PHP code to delete .PDF files. Las versiones 2.4.19 y anteriores de Advantech R-SeeNet son vulnerables a ataques de Path Traversal. Un atacante no autorizado podría explotar de forma remota un código PHP vulnerable para eliminar archivos .PDF. This vulnerability allows remote attackers to disclose sensitive information and delete arbitrary files on affected installations of Advantech R-SeeNet. • https://www.cisa.gov/uscert/ics/advisories/icsa-22-291-01 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •