Vulnerabilidades en Advantech
142 resultadosCVE-2025-34245MEDIUMAdvantech WebAccess/VPN < 1.1.5 SQL Injection via AjaxStandaloneVpnClientsController.ajaxAction()EPSS 0.3%CVE-2025-34244MEDIUMAdvantech WebAccess/VPN < 1.1.5 SQL Injection via AjaxFwRulesController.ajaxDeviceFwRulesAction()EPSS 0.3%CVE-2025-34240HIGHAdvantech WebAccess/VPN < 1.1.5 SQL Injection via AppManagementController.appUpgradeAction()EPSS 0.3%CVE-2025-34241MEDIUMAdvantech WebAccess/VPN < 1.1.5 SQL Injection via AjaxDeviceController.ajaxDeviceAction()EPSS 0.3%CVE-2025-34246MEDIUMAdvantech WebAccess/VPN < 1.1.5 SQL Injection via AjaxPrevalidationController.ajaxAction()EPSS 0.3%CVE-2025-48467MEDIUMDenial of Service via Malformed Modbus PacketsEPSS 0.2%CVE-2024-34542MEDIUMAdvantech ADAM-5630 Weak Encoding for PasswordEPSS 0.2%CVE-2024-39364HIGHAdvantech ADAM-5630 Missing Authentication for Critical FunctionEPSS 0.2%CVE-2025-64302MEDIUMAdvantech DeviceOn/iEdge Cross-site ScriptingEPSS 0.2%CVE-2024-28948HIGHAdvantech ADAM-5630 Cross-Site Request ForgeryEPSS 0.2%CVE-2025-41442MEDIUMAdvantech iView Cross-site ScriptingEPSS 0.2%CVE-2025-53397MEDIUMAdvantech iView Cross-site ScriptingEPSS 0.2%CVE-2025-53519MEDIUMAdvantech iView Cross-site ScriptingEPSS 0.2%CVE-2024-50377MEDIUMA CWE-798 "Use of Hard-coded Credentials" was discovered affecting the following devices manufactured by Advantech: EKI-6333AC-2G (<= 1.6.3)EPSS 0.2%CVE-2025-34236MEDIUMAdvantech WebAccess/VPN < 1.1.5 Stored XSS via NetworksController.addNetworkAction()EPSS 0.2%CVE-2025-34237MEDIUMAdvantech WebAccess/VPN < 1.1.5 Stored XSS via StandaloneVpnClientsController.addStandaloneVpnClientAction()EPSS 0.2%CVE-2025-48462MEDIUMLogin Session ExhaustionEPSS 0.2%CVE-2025-48470MEDIUMStored Cross site Scripting (XSS)EPSS 0.2%CVE-2025-48468MEDIUMOpen JTAG Debug PortEPSS 0.2%CVE-2023-2866HIGHAdvantech WebAccess Insufficient Type DistinctionEPSS 0.1%