Advantech R-SeeNet versions 2.4.22 is installed with a hidden root-level user that is not available in the users list. This hidden user has a password that cannot be changed by users.
Advantech R-SeeNet Versions 2.4.17 and prior are vulnerable to a stack-based buffer overflow. An unauthorized attacker can remotely overflow the stack buffer and enable remote code execution.
Advantech R-SeeNet Versions 2.4.17 and prior are vulnerable to a stack-based buffer overflow. An unauthorized attacker can use an outsized filename to overflow the stack buffer and enable remote code execution.
Advantech R-SeeNet Versions 2.4.19 and prior are vulnerable to path traversal attacks. An unauthorized attacker could remotely exploit vulnerable PHP code to delete .PDF files.
The R-SeeNet webpage (1.5.1 through 2.4.10) suffers from SQL injection, which allows a remote attacker to invoke queries on the database and retrieve sensitive information.