Advantech: >> Webaccess >> 8.4.2 Security Vulnerabilities
Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Input is not properly sanitized and may allow an attacker to inject SQL commands.
CVSS Score
7.5
EPSS Score
0.003
Published
2020-05-08
Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. An out-of-bounds vulnerability exists that may allow access to unauthorized data.
CVSS Score
7.5
EPSS Score
0.003
Published
2020-05-08
Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. An improper validation vulnerability exists that could allow an attacker to inject specially crafted input into memory where it can be executed.
CVSS Score
9.8
EPSS Score
0.005
Published
2020-05-08
Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Multiple relative path traversal vulnerabilities exist that may allow a low privilege user to overwrite files outside the application’s control.
CVSS Score
8.8
EPSS Score
0.019
Published
2020-05-08
In Advantech WebAccess, Versions 8.4.2 and prior. A stack-based buffer overflow vulnerability caused by a lack of proper validation of the length of user-supplied data may allow remote code execution.
CVSS Score
8.8
EPSS Score
0.008
Published
2020-03-27
Advantech WebAccess before 8.4.3 allows unauthenticated remote attackers to execute arbitrary code or cause a denial of service (memory corruption) due to a stack-based buffer overflow when handling IOCTL 70533 RPC messages.
CVSS Score
9.8
EPSS Score
0.118
Published
2019-12-12
Page 2