Advantech: >> Webaccess/scada Security Vulnerabilities
WebAccess/SCADA, Version 8.3. The software does not properly sanitize its inputs for SQL commands.
CVSS Score
9.8
EPSS Score
0.009
Published
2019-02-05
WebAccess/SCADA, WebAccess/SCADA Version 8.3.2 installed on Windows 2008 R2 SP1. Lack of proper validation of user supplied input may allow an attacker to cause the overflow of a buffer on the stack.
CVSS Score
7.3
EPSS Score
0.005
Published
2018-12-19
A SQL Injection issue was discovered in Advantech WebAccess/SCADA versions prior to V8.2_20170817. WebAccess/SCADA does not properly sanitize its inputs for SQL commands.
CVSS Score
5.3
EPSS Score
0.001
Published
2018-01-25
A Path Traversal issue was discovered in Advantech WebAccess/SCADA versions prior to V8.2_20170817. An attacker has read access to files within the directory structure of the target device.
CVSS Score
5.3
EPSS Score
0.011
Published
2018-01-25
Page 3