CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2020-25157 – Advantech R-SeeNet device_position device_id SQL Injection Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2020-25157
The R-SeeNet webpage (1.5.1 through 2.4.10) suffers from SQL injection, which allows a remote attacker to invoke queries on the database and retrieve sensitive information. La página web de R-SeeNet (versiones 1.5.1 hasta 2.4.10) sufre de una inyección SQL, que permite a un atacante remoto invocar consultas en la base de datos y recuperar información confidencial This vulnerability allows remote attackers to disclose sensitive information on affected installations of Advantech R-SeeNet. Authentication is not required to exploit this vulnerability. The specific flaw exists within device_position.php. When parsing the device_id parameter, the process does not properly validate a user-supplied string before using it to construct SQL queries. An attacker can leverage this vulnerability to disclose stored credentials, leading to further compromise. • https://us-cert.cisa.gov/ics/advisories/icsa-20-289-02 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2020-25161 – Advantech WebAccess/SCADA WADashboard External Control of File Path Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2020-25161
The WADashboard component of WebAccess/SCADA Versions 9.0 and prior may allow an attacker to control or influence a path used in an operation on the filesystem and remotely execute code as an administrator. El componente WADashboard de WebAccess/SCADA Versiones 9.0 y anteriores, puede permitir a un atacante controlar o influir en una ruta usada en una operación en el sistema de archivos y ejecutar código remotamente como administrador This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess/SCADA. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the WADashboard component. The issue results from the lack of proper validation of a user-supplied path prior to using it to read and execute code from a file. An attacker can leverage this vulnerability to execute code in the context of Administrator. • https://us-cert.cisa.gov/ics/advisories/icsa-20-289-01 • CWE-73: External Control of File Name or Path CWE-610: Externally Controlled Reference to a Resource in Another Sphere •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2020-16202
https://notcve.org/view.php?id=CVE-2020-16202
WebAccess Node (All versions prior to 9.0.1) has incorrect permissions set for resources used by specific services, which may allow code execution with system privileges. WebAccess Node (todas las versiones anteriores a 9.0.1) presenta permisos incorrectos establecidos para los recursos usados por servicios específicos, lo que puede permitir una ejecución de código con privilegios system • https://us-cert.cisa.gov/ics/advisories/icsa-20-261-01 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 9.8EPSS: 16%CPEs: 1EXPL: 0CVE-2020-16245 – Advantech iView NetworkServlet findSummaryCfgDeviceListExport Directory Traversal Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2020-16245
Advantech iView, Versions 5.7 and prior. The affected product is vulnerable to path traversal vulnerabilities that could allow an attacker to create/download arbitrary files, limit system availability, and remotely execute code. Advantech iView, versiones 5.7 y anteriores. El producto afectado es susceptible a vulnerabilidades de salto de ruta que podrían permitir a un atacante crear y descargar archivos arbitrarios, limitar la disponibilidad del sistema y ejecutar código remotamente This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech iView. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of calls to the findSummaryCfgDeviceListExport method of the NetworkServlet class. • https://us-cert.cisa.gov/ics/advisories/icsa-20-238-01 https://www.zerodayinitiative.com/advisories/ZDI-20-1084 https://www.zerodayinitiative.com/advisories/ZDI-20-1085 https://www.zerodayinitiative.com/advisories/ZDI-20-1086 https://www.zerodayinitiative.com/advisories/ZDI-20-1087 https://www.zerodayinitiative.com/advisories/ZDI-20-1088 https://www.zerodayinitiative.com/advisories/ZDI-20-1089 https://www.zerodayinitiative.com/advisories/ZDI-20-1090 https://www.zerodayinitiative.com/advisories/ZDI& • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2020-16229 – Advantech WebAccess/HMI Designer PM3 File Parsing Type Confusion Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2020-16229
Advantech WebAccess HMI Designer, Versions 2.1.9.31 and prior. Processing specially crafted project files lacking proper validation of user supplied data may cause a type confusion condition, which may allow remote code execution, disclosure/modification of information, or cause the application to crash. Advantech WebAccess HMI Designer, versiones 2.1.9.31 y anteriores. El procesamiento de archivos de proyecto especialmente diseñados carecen de comprobación apropiada de los datos proporcionados por un usuario puede causar una condición de confusión de tipo, lo que puede permitir una ejecución de código remota, divulgación y modificación de información o causar que la aplicación se bloquee This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess/HMI Designer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PM3 files. • https://us-cert.cisa.gov/ics/advisories/icsa-20-219-02 https://www.zerodayinitiative.com/advisories/ZDI-20-954 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •