CVSS: 9.0EPSS: 0%CPEs: 6EXPL: 2CVE-2023-4202 – Stored Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2023-4202
08 Aug 2023 — Advantech EKI-1524, EKI-1522, EKI-1521 devices through 1.21 are affected by a Stored Cross-Site Scripting vulnerability, which can be triggered by authenticated users in the device name field of the web-interface. Los dispositivos Advantech EKI-1524, EKI-1522, EKI-1521 hasta la versión 1.21 están afectados por una vulnerabilidad de secuencias de comandos cruzadas almacenadas, que puede ser activada por usuarios autenticados en el campo del nombre del dispositivo de la interfaz web. Advantech EKI-1524-CE ser... • https://packetstorm.news/files/id/174153 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-1437 – CVE-2023-1437
https://notcve.org/view.php?id=CVE-2023-1437
02 Aug 2023 — All versions prior to 9.1.4 of Advantech WebAccess/SCADA are vulnerable to use of untrusted pointers. The RPC arguments the client sent could contain raw memory pointers for the server to use as-is. This could allow an attacker to gain access to the remote file system and the ability to execute commands and overwrite files. • https://www.cisa.gov/news-events/ics-advisories/icsa-23-166-02 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-822: Untrusted Pointer Dereference •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 1CVE-2023-3983
https://notcve.org/view.php?id=CVE-2023-3983
31 Jul 2023 — An authenticated SQL injection vulnerability exists in Advantech iView versions prior to v5.7.4 build 6752. An authenticated remote attacker can bypass checks in com.imc.iview.utils.CUtils.checkSQLInjection() to perform blind SQL injection. • https://www.tenable.com/security/research/tra-2023-24 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-2611 – Advantech R-SeeNet Use of Hard-coded Credentials
https://notcve.org/view.php?id=CVE-2023-2611
22 Jun 2023 — Advantech R-SeeNet versions 2.4.22 is installed with a hidden root-level user that is not available in the users list. This hidden user has a password that cannot be changed by users. This vulnerability allows remote attackers to bypass authentication on affected installations of Advantech R-SeeNet. Authentication is not required to exploit this vulnerability. The specific flaw exists within the configuration of the database. The issue results from the existence of an additional user in the database that is... • https://www.cisa.gov/news-events/ics-advisories/icsa-23-173-02 • CWE-798: Use of Hard-coded Credentials •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-3256 – Advantech R-SeeNet External Control of File Name or Path
https://notcve.org/view.php?id=CVE-2023-3256
22 Jun 2023 — Advantech R-SeeNet versions 2.4.22 allows low-level users to access and load the content of local files. This vulnerability allows remote attackers to escalate privileges on affected installations of Advantech R-SeeNet. Authentication is required to exploit this vulnerability. The specific flaw exists within the device_status page. The issue results from the lack of proper validation of user-supplied data prior to passing it to a PHP include function. An attacker can leverage this vulnerability to escalate ... • https://www.cisa.gov/news-events/ics-advisories/icsa-23-173-02 • CWE-73: External Control of File Name or Path CWE-610: Externally Controlled Reference to a Resource in Another Sphere •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-2866 – Advantech WebAccess Insufficient Type Distinction
https://notcve.org/view.php?id=CVE-2023-2866
07 Jun 2023 — If an attacker can trick an authenticated user into loading a maliciously crafted .zip file onto Advantech WebAccess version 8.4.5, a web shell could be used to give the attacker full control of the SCADA server. • https://www.cisa.gov/news-events/ics-advisories/icsa-23-150-01 • CWE-345: Insufficient Verification of Data Authenticity CWE-351: Insufficient Type Distinction •
CVSS: 8.3EPSS: 0%CPEs: 1EXPL: 0CVE-2023-22450
https://notcve.org/view.php?id=CVE-2023-22450
05 Jun 2023 — In Advantech WebAccss/SCADA v9.1.3 and prior, there is an arbitrary file upload vulnerability that could allow an attacker to upload an ASP script file to a webserver when logged in as manager user, which can lead to arbitrary code execution. • https://www.cisa.gov/news-events/ics-advisories/icsa-23-152-01 • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-32540
https://notcve.org/view.php?id=CVE-2023-32540
05 Jun 2023 — In Advantech WebAccss/SCADA v9.1.3 and prior, there is an arbitrary file overwrite vulnerability, which could allow an attacker to overwrite any file in the operating system (including system files), inject code into an XLS file, and modify the file extension, which could lead to arbitrary code execution. • https://www.cisa.gov/news-events/ics-advisories/icsa-23-152-01 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-32628
https://notcve.org/view.php?id=CVE-2023-32628
05 Jun 2023 — In Advantech WebAccss/SCADA v9.1.3 and prior, there is an arbitrary file upload vulnerability that could allow an attacker to modify the file extension of a certificate file to ASP when uploading it, which can lead to remote code execution. • https://www.cisa.gov/news-events/ics-advisories/icsa-23-152-01 • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 9.0EPSS: 1%CPEs: 6EXPL: 3CVE-2023-2573 – Authenticated Command Injection
https://notcve.org/view.php?id=CVE-2023-2573
08 May 2023 — Advantech EKI-1524, EKI-1522, EKI-1521 devices through 1.21 are affected by an command injection vulnerability in the NTP server input field, which can be triggered by authenticated users via a crafted POST request. Advantech EKI-1524-CE series, EKI-1522 series, and EKI-1521 series suffer from command injection and buffer overflow vulnerabilities. • https://packetstorm.news/files/id/172307 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •