Shodan
Vulnerabilities
Vulnerable Software
Advantech:  >> Advantech Webaccess  >> 5.0  Security Vulnerabilities
CVE-2014-2364
Multiple stack-based buffer overflows in Advantech WebAccess before 7.2 allow remote attackers to execute arbitrary code via a long string in the (1) ProjectName, (2) SetParameter, (3) NodeName, (4) CCDParameter, (5) SetColor, (6) AlarmImage, (7) GetParameter, (8) GetColor, (9) ServerResponse, (10) SetBaud, or (11) IPAddress parameter to an ActiveX control in (a) webvact.ocx, (b) dvs.ocx, or (c) webdact.ocx.
CVSS Score
7.5
EPSS Score
0.391
Published
2014-07-19
CVE-2014-2365
Unspecified vulnerability in Advantech WebAccess before 7.2 allows remote authenticated users to create or delete arbitrary files via unknown vectors.
CVSS Score
5.5
EPSS Score
0.003
Published
2014-07-19
CVE-2014-2366
upAdminPg.asp in Advantech WebAccess before 7.2 allows remote authenticated users to discover credentials by reading HTML source code.
CVSS Score
4.0
EPSS Score
0.002
Published
2014-07-19
CVE-2014-2367
The ChkCookie subroutine in an ActiveX control in broadweb/include/gChkCook.asp in Advantech WebAccess before 7.2 allows remote attackers to read arbitrary files via a crafted call.
CVSS Score
4.3
EPSS Score
0.003
Published
2014-07-19
CVE-2014-2368
The BrowseFolder method in the bwocxrun ActiveX control in Advantech WebAccess before 7.2 allows remote attackers to read arbitrary files via a crafted call.
CVSS Score
5.0
EPSS Score
0.003
Published
2014-07-19
CVE-2014-0763
Multiple SQL injection vulnerabilities in DBVisitor.dll in Advantech WebAccess before 7.2 allow remote attackers to execute arbitrary SQL commands via SOAP requests to unspecified functions.
CVSS Score
7.5
EPSS Score
0.317
Published
2014-04-12
CVE-2014-0764
Stack-based buffer overflow in Advantech WebAccess before 7.2 allows remote attackers to execute arbitrary code via a long NodeName parameter.
CVSS Score
7.5
EPSS Score
0.015
Published
2014-04-12
CVE-2014-0765
Stack-based buffer overflow in Advantech WebAccess before 7.2 allows remote attackers to execute arbitrary code via a long GotoCmd argument.
CVSS Score
7.5
EPSS Score
0.015
Published
2014-04-12
CVE-2014-0766
Stack-based buffer overflow in Advantech WebAccess before 7.2 allows remote attackers to execute arbitrary code via a long NodeName2 argument.
CVSS Score
7.5
EPSS Score
0.015
Published
2014-04-12
CVE-2014-0767
Stack-based buffer overflow in Advantech WebAccess before 7.2 allows remote attackers to execute arbitrary code via a long AccessCode argument.
CVSS Score
7.5
EPSS Score
0.015
Published
2014-04-12


Products
Pricing
Contact Us

Shodan ® - All rights reserved