Advantech: >> Adam-5630 Firmware Security Vulnerabilities
Cookies of authenticated Advantech ADAM-5630 users remain as active valid cookies when a
session is closed. Forging requests with a legitimate cookie, even if
the session was terminated, allows an unauthorized attacker to act with
the same level of privileges of the legitimate user.
CVSS Score
8.0
EPSS Score
0.001
Published
2024-09-27
Advantech ADAM-5630 contains a cross-site request forgery (CSRF) vulnerability. It allows an attacker to partly circumvent the same
origin policy, which is designed to prevent different websites from
interfering with each other.
CVSS Score
8.0
EPSS Score
0.0
Published
2024-09-27
Advantech ADAM-5630 shares user credentials plain text between the device and the user source device during the login process.
CVSS Score
5.7
EPSS Score
0.0
Published
2024-09-27