CVE-2023-2866 – Advantech WebAccess Insufficient Type Distinction
https://notcve.org/view.php?id=CVE-2023-2866
If an attacker can trick an authenticated user into loading a maliciously crafted .zip file onto Advantech WebAccess version 8.4.5, a web shell could be used to give the attacker full control of the SCADA server. • https://www.cisa.gov/news-events/ics-advisories/icsa-23-150-01 • CWE-345: Insufficient Verification of Data Authenticity CWE-351: Insufficient Type Distinction •
CVE-2021-38389 – Advantech WebAccess
https://notcve.org/view.php?id=CVE-2021-38389
Advantech WebAccess versions 9.02 and prior are vulnerable to a stack-based buffer overflow, which may allow an attacker to remotely execute code. Advantech WebAccess versiones 9.02 y anteriores, son vulnerables a un desbordamiento del búfer en la región stack de la memoria, que podría permitir a un atacante ejecutar código de forma remota This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of IOCTL 0x1138B. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of Administrator. • https://us-cert.cisa.gov/ics/advisories/icsa-21-285-02 • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVE-2021-33023 – Advantech WebAccess
https://notcve.org/view.php?id=CVE-2021-33023
Advantech WebAccess versions 9.02 and prior are vulnerable to a heap-based buffer overflow, which may allow an attacker to remotely execute code. Advantech WebAccess versiones 9.02 y anteriores, son vulnerables a un desbordamiento del búfer en la región heap de la memoria, que puede permitir a un atacante ejecutar código de forma remota This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of IOCTL 0x2722. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of Administrator. • https://us-cert.cisa.gov/ics/advisories/icsa-21-285-02 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVE-2021-38408 – Advantech WebAccess BwFLApp Stack-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-38408
A stack-based buffer overflow vulnerability in Advantech WebAccess Versions 9.02 and prior caused by a lack of proper validation of the length of user-supplied data may allow remote code execution. Una vulnerabilidad de desbordamiento de búfer en la región stack de la memoria en Advantech WebAccess versiones 9.02 y anteriores, causada por una falta de comprobación apropiada de la longitud de los datos suministrados por el usuario puede permitir una ejecución de código remota This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of IOCTL 0x2711, which can be used to invoke BwFLApp.exe. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of Administrator. • https://us-cert.cisa.gov/ics/advisories/icsa-21-245-03 • CWE-121: Stack-based Buffer Overflow •
CVE-2021-34540
https://notcve.org/view.php?id=CVE-2021-34540
Advantech WebAccess 8.4.2 and 8.4.4 allows XSS via the username column of the bwRoot.asp page of WADashboard. Advantech WebAccess versiones 8.4.2 y 8.4.4, permite ataques de tipo XSS por medio de la columna de nombre de usuario de la página bwRoot.asp de WADashboard • https://github.com/ethancsyang/CveProject/tree/main/CVE-2021-34540 https://www.advantech.com/support • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •