Advantech: >> Webaccess/scada >> 8.3.2 Security Vulnerabilities
WebAccess/SCADA Versions 9.0 and prior is vulnerable to cross-site scripting, which may allow an attacker to send malicious JavaScript code to an unsuspecting user, which could result in hijacking of the user’s cookie/session tokens, redirecting the user to a malicious webpage and performing unintended browser actions.
CVSS Score
6.1
EPSS Score
0.002
Published
2021-03-18
The WADashboard component of WebAccess/SCADA Versions 9.0 and prior may allow an attacker to control or influence a path used in an operation on the filesystem and remotely execute code as an administrator.
CVSS Score
8.8
EPSS Score
0.006
Published
2021-02-23
WebAccess/SCADA, WebAccess/SCADA Version 8.3.2 installed on Windows 2008 R2 SP1. Lack of proper validation of user supplied input may allow an attacker to cause the overflow of a buffer on the stack.
CVSS Score
7.3
EPSS Score
0.005
Published
2018-12-19
Page 2