RSS   Vulnerabilities for 'Webaccess\/nms'   RSS

2021-10-27
 
CVE-2021-32951

CWE-287
 
 
WebAccess/NMS (Versions prior to v3.0.3_Build6299) has an improper authentication vulnerability, which may allow unauthorized users to view resources monitored and controlled by the WebAccess/NMS, as well as IP addresses and names of all the devices managed via WebAccess/NMS.

 
2020-04-09
 
CVE-2020-10631

CWE-22
 
 
An attacker could use a specially crafted URL to delete or read files outside the WebAccess/NMS's (versions prior to 3.0.2) control.

 
 
CVE-2020-10629

CWE-611
 
 
WebAccess/NMS (versions prior to 3.0.2) does not sanitize XML input. Specially crafted XML input could allow an attacker to read sensitive files.

 
 
CVE-2020-10625

CWE-306
 
 
WebAccess/NMS (versions prior to 3.0.2) allows an unauthenticated remote user to create a new admin account.

 
 
CVE-2020-10623

CWE-89
 
 
Multiple vulnerabilities could allow an attacker with low privileges to perform SQL injection on WebAccess/NMS (versions prior to 3.0.2) to gain access to sensitive information.

 
 
CVE-2020-10619

CWE-22
 
 
An attacker could use a specially crafted URL to delete files outside the WebAccess/NMS's (versions prior to 3.0.2) control.

 
 
CVE-2020-10617

CWE-89
 
 
There are multiple ways an unauthenticated attacker could perform SQL injection on WebAccess/NMS (versions prior to 3.0.2) to gain access to sensitive information.

 
 
CVE-2020-10603

CWE-78
 
 
WebAccess/NMS (versions prior to 3.0.2) does not properly sanitize user input and may allow an attacker to inject system commands remotely.

 
 
CVE-2020-10621

CWE-434
 
 
Multiple issues exist that allow files to be uploaded and executed on the WebAccess/NMS (versions prior to 3.0.2).

 

 >>> Vendor: Advantech 48 Products
Adam-6015
Adam-6017
Adam-6018
Adam-6022
Adam-6024
Adam-6050
Adam-6050w
Adam-6051
Adam-6051w
Adam-6052
Adam-6060
Adam-6060w
Adam-6066
Adam-6501
Advantech studio
Adam opc server
Modbus rtu opc server
Modbus tcp opc server
Advantech webaccess
Eki-6340
Eki-6340 firmware
Webaccess
Adamview
Eki-1200 gateway series firmware
Eki-122x series firmware
Eki-1321 series firmware
Eki-1322 series firmware
Eki-1361 series firmware
Eki-1362 series firmware
Vesp211-232 firmware
Vesp211-eu firmware
Susiaccess
Webop
Webaccess hmi designer
Webaccess/nms
Webaccess dashboard
Webaccess/scada
Webaccess/hmi designer
Webaccess\/nms
Iview
Webaccess\/hmi designer
R-seenet
Webaccess\/scada
Webaccess scada
Wise-paas\/ota
Deviceon\/iservice
Deviceon\/iedge
Sq manager

Copyright 2024, cxsecurity.com

 

Back to Top