Skip to main content

Webaccess Scada

30 CVEs product

Monthly

CVE-2026-6888 HIGH NEWS This Week

SQL injection in multiple Advantech industrial IoT platforms allows remote authenticated attackers with high privileges to execute arbitrary database commands. Affected products include WebAccess/SCADA, SaaS Composer, IoTSuite Growth/Starter, and IoT Edge across Windows and Linux Docker deployments. The vulnerability enables complete database compromise - attackers can read sensitive industrial control system data, modify configurations, or delete critical operational information. CVSS 7.2 reflects high impact across confidentiality, integrity, and availability, though exploitation requires administrative credentials (PR:H), significantly limiting attack surface compared to unauthenticated SQL injection vulnerabilities.

SQLi Saas Composer Iotsuite Growth Linux Docker Iotsuite Starter Linux Docker Iot Edge Linux Docker +4
NVD VulDB
CVSS 3.1
7.2
EPSS
0.1%
CVE-2023-1437 CRITICAL Act Now

All versions prior to 9.1.4 of Advantech WebAccess/SCADA are vulnerable to use of untrusted pointers. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Webaccess Scada
NVD
CVSS 3.1
9.8
EPSS
2.8%
CVE-2023-32628 CRITICAL Act Now

In Advantech WebAccss/SCADA v9.1.3 and prior, there is an arbitrary file upload vulnerability that could allow an attacker to modify the file extension of a certificate file to ASP when uploading it,. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE File Upload Webaccess Scada
NVD
CVSS 3.1
9.8
EPSS
0.7%
CVE-2023-32540 CRITICAL Act Now

In Advantech WebAccss/SCADA v9.1.3 and prior, there is an arbitrary file overwrite vulnerability, which could allow an attacker to overwrite any file in the operating system (including system files),. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Code Injection Webaccess Scada
NVD
CVSS 3.1
9.8
EPSS
0.9%
CVE-2023-22450 HIGH This Week

In Advantech WebAccss/SCADA v9.1.3 and prior, there is an arbitrary file upload vulnerability that could allow an attacker to upload an ASP script file to a webserver when logged in as manager user,. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE File Upload Webaccess Scada
NVD
CVSS 3.1
7.2
EPSS
0.8%
CVE-2021-38431 MEDIUM This Month

An authenticated user using Advantech WebAccess SCADA in versions 9.0.3 and prior can use API functions to disclose project names and paths from other users. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Webaccess Scada
NVD
CVSS 3.1
4.3
EPSS
0.7%
CVE-2021-32943 CRITICAL Act Now

The affected product is vulnerable to a stack-based buffer overflow, which may allow an attacker to remotely execute arbitrary code on the WebAccess/SCADA (WebAccess/SCADA versions prior to 8.4.5,. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Stack Overflow Webaccess Scada
NVD
CVSS 3.1
9.8
EPSS
1.9%
CVE-2021-22676 MEDIUM This Month

UserExcelOut.asp within WebAccess/SCADA is vulnerable to cross-site scripting (XSS), which could allow an attacker to send malicious JavaScript code. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Webaccess Scada
NVD
CVSS 3.1
6.1
EPSS
0.6%
CVE-2021-22674 MEDIUM PATCH This Month

The affected product is vulnerable to a relative path traversal condition, which may allow an attacker access to unauthorized files and directories on the WebAccess/SCADA (WebAccess/SCADA versions. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Path Traversal Webaccess Scada
NVD
CVSS 3.1
6.5
EPSS
1.1%
CVE-2021-32956 MEDIUM This Month

Advantech WebAccess/SCADA Versions 9.0.1 and prior is vulnerable to redirection, which may allow an attacker to send a maliciously crafted URL that could result in redirecting a user to a malicious. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect Webaccess Scada
NVD
CVSS 3.1
6.1
EPSS
0.7%
CVE-2021-32954 MEDIUM This Month

Advantech WebAccess/SCADA Versions 9.0.1 and prior is vulnerable to a directory traversal, which may allow an attacker to remotely read arbitrary files on the file system. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Webaccess Scada
NVD
CVSS 3.1
6.5
EPSS
2.1%
CVE-2021-22669 HIGH This Week

Incorrect permissions are set to default on the ‘Project Management’ page of WebAccess/SCADA portal of WebAccess/SCADA Versions 9.0.1 and prior, which may allow a low-privileged user to update an. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Webaccess Scada
NVD
CVSS 3.1
8.8
EPSS
1.2%
CVE-2021-27436 MEDIUM This Month

WebAccess/SCADA Versions 9.0 and prior is vulnerable to cross-site scripting, which may allow an attacker to send malicious JavaScript code to an unsuspecting user, which could result in hijacking of. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Webaccess Scada
NVD
CVSS 3.1
6.1
EPSS
0.7%
CVE-2019-6523 CRITICAL Act Now

WebAccess/SCADA, Version 8.3. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Webaccess Scada
NVD
CVSS 3.0
9.8
EPSS
2.0%
CVE-2019-6521 HIGH This Week

WebAccess/SCADA, Version 8.3. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Webaccess Scada
NVD
CVSS 3.0
8.6
EPSS
1.9%
CVE-2019-6519 CRITICAL Act Now

WebAccess/SCADA, Version 8.3. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Webaccess Scada
NVD
CVSS 3.0
9.8
EPSS
2.8%
CVE-2018-18999 HIGH This Week

WebAccess/SCADA, WebAccess/SCADA Version 8.3.2 installed on Windows 2008 R2 SP1. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft Buffer Overflow Webaccess Scada
NVD
CVSS 3.1
7.3
EPSS
2.3%
CVE-2018-8845 CRITICAL Act Now

In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Heap Overflow RCE Buffer Overflow Webaccess Webaccess Dashboard +2
NVD
CVSS 3.1
9.8
EPSS
5.8%
CVE-2018-8841 HIGH This Week

In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Webaccess Webaccess Dashboard Webaccess Scada Webaccess Nms
NVD
CVSS 3.0
7.8
EPSS
0.4%
CVE-2018-7505 CRITICAL Act Now

In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation RCE Webaccess Webaccess Dashboard Webaccess Scada +1
NVD
CVSS 3.0
9.8
EPSS
2.9%
CVE-2018-7503 HIGH This Week

In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Webaccess Webaccess Dashboard Webaccess Scada Webaccess Nms
NVD
CVSS 3.0
7.5
EPSS
2.6%
CVE-2018-7501 HIGH This Week

In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Webaccess Webaccess Dashboard Webaccess Scada Webaccess Nms
NVD
CVSS 3.0
7.5
EPSS
1.7%
CVE-2018-7499 CRITICAL Act Now

In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Stack Overflow Webaccess Webaccess Dashboard +2
NVD
CVSS 3.1
9.8
EPSS
3.8%
CVE-2018-7497 CRITICAL Act Now

In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Webaccess Webaccess Dashboard Webaccess Scada Webaccess Nms
NVD
CVSS 3.0
9.8
EPSS
2.9%
CVE-2018-7495 HIGH This Week

In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Webaccess Webaccess Dashboard Webaccess Scada Webaccess Nms
NVD
CVSS 3.0
7.5
EPSS
2.2%
CVE-2018-10591 MEDIUM This Month

In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Webaccess Webaccess Dashboard Webaccess Scada Webaccess Nms
NVD
CVSS 3.0
6.1
EPSS
0.6%
CVE-2018-10590 HIGH This Week

In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Webaccess Webaccess Dashboard Webaccess Scada Webaccess Nms
NVD
CVSS 3.0
7.5
EPSS
1.7%
CVE-2018-10589 CRITICAL Act Now

In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Path Traversal Webaccess Webaccess Dashboard Webaccess Scada +1
NVD
CVSS 3.0
9.8
EPSS
4.1%
CVE-2018-5445 MEDIUM This Month

A Path Traversal issue was discovered in Advantech WebAccess/SCADA versions prior to V8.2_20170817. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Webaccess Scada
NVD
CVSS 3.0
5.3
EPSS
1.8%
CVE-2018-5443 MEDIUM This Month

A SQL Injection issue was discovered in Advantech WebAccess/SCADA versions prior to V8.2_20170817. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Webaccess Scada
NVD
CVSS 3.0
5.3
EPSS
1.2%
EPSS 0% CVSS 7.2
HIGH This Week

SQL injection in multiple Advantech industrial IoT platforms allows remote authenticated attackers with high privileges to execute arbitrary database commands. Affected products include WebAccess/SCADA, SaaS Composer, IoTSuite Growth/Starter, and IoT Edge across Windows and Linux Docker deployments. The vulnerability enables complete database compromise - attackers can read sensitive industrial control system data, modify configurations, or delete critical operational information. CVSS 7.2 reflects high impact across confidentiality, integrity, and availability, though exploitation requires administrative credentials (PR:H), significantly limiting attack surface compared to unauthenticated SQL injection vulnerabilities.

SQLi Saas Composer Iotsuite Growth Linux Docker +6
NVD VulDB
EPSS 3% CVSS 9.8
CRITICAL Act Now

All versions prior to 9.1.4 of Advantech WebAccess/SCADA are vulnerable to use of untrusted pointers. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Webaccess Scada
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

In Advantech WebAccss/SCADA v9.1.3 and prior, there is an arbitrary file upload vulnerability that could allow an attacker to modify the file extension of a certificate file to ASP when uploading it,. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE File Upload Webaccess Scada
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

In Advantech WebAccss/SCADA v9.1.3 and prior, there is an arbitrary file overwrite vulnerability, which could allow an attacker to overwrite any file in the operating system (including system files),. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Code Injection Webaccess Scada
NVD
EPSS 1% CVSS 7.2
HIGH This Week

In Advantech WebAccss/SCADA v9.1.3 and prior, there is an arbitrary file upload vulnerability that could allow an attacker to upload an ASP script file to a webserver when logged in as manager user,. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE File Upload Webaccess Scada
NVD
EPSS 1% CVSS 4.3
MEDIUM This Month

An authenticated user using Advantech WebAccess SCADA in versions 9.0.3 and prior can use API functions to disclose project names and paths from other users. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Webaccess Scada
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

The affected product is vulnerable to a stack-based buffer overflow, which may allow an attacker to remotely execute arbitrary code on the WebAccess/SCADA (WebAccess/SCADA versions prior to 8.4.5,. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Stack Overflow +1
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

UserExcelOut.asp within WebAccess/SCADA is vulnerable to cross-site scripting (XSS), which could allow an attacker to send malicious JavaScript code. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Webaccess Scada
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

The affected product is vulnerable to a relative path traversal condition, which may allow an attacker access to unauthorized files and directories on the WebAccess/SCADA (WebAccess/SCADA versions. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Path Traversal Webaccess Scada
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

Advantech WebAccess/SCADA Versions 9.0.1 and prior is vulnerable to redirection, which may allow an attacker to send a maliciously crafted URL that could result in redirecting a user to a malicious. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect Webaccess Scada
NVD
EPSS 2% CVSS 6.5
MEDIUM This Month

Advantech WebAccess/SCADA Versions 9.0.1 and prior is vulnerable to a directory traversal, which may allow an attacker to remotely read arbitrary files on the file system. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Webaccess Scada
NVD
EPSS 1% CVSS 8.8
HIGH This Week

Incorrect permissions are set to default on the ‘Project Management’ page of WebAccess/SCADA portal of WebAccess/SCADA Versions 9.0.1 and prior, which may allow a low-privileged user to update an. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Webaccess Scada
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

WebAccess/SCADA Versions 9.0 and prior is vulnerable to cross-site scripting, which may allow an attacker to send malicious JavaScript code to an unsuspecting user, which could result in hijacking of. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Webaccess Scada
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

WebAccess/SCADA, Version 8.3. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Webaccess Scada
NVD
EPSS 2% CVSS 8.6
HIGH This Week

WebAccess/SCADA, Version 8.3. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Webaccess Scada
NVD
EPSS 3% CVSS 9.8
CRITICAL Act Now

WebAccess/SCADA, Version 8.3. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Webaccess Scada
NVD
EPSS 2% CVSS 7.3
HIGH This Week

WebAccess/SCADA, WebAccess/SCADA Version 8.3.2 installed on Windows 2008 R2 SP1. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft Buffer Overflow Webaccess Scada
NVD
EPSS 6% CVSS 9.8
CRITICAL Act Now

In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Heap Overflow RCE Buffer Overflow +4
NVD
EPSS 0% CVSS 7.8
HIGH This Week

In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Webaccess Webaccess Dashboard +2
NVD
EPSS 3% CVSS 9.8
CRITICAL Act Now

In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation RCE Webaccess +3
NVD
EPSS 3% CVSS 7.5
HIGH This Week

In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Webaccess Webaccess Dashboard +2
NVD
EPSS 2% CVSS 7.5
HIGH This Week

In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Webaccess Webaccess Dashboard +2
NVD
EPSS 4% CVSS 9.8
CRITICAL Act Now

In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Stack Overflow +4
NVD
EPSS 3% CVSS 9.8
CRITICAL Act Now

In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Webaccess Webaccess Dashboard +2
NVD
EPSS 2% CVSS 7.5
HIGH This Week

In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Webaccess Webaccess Dashboard +2
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Webaccess Webaccess Dashboard +2
NVD
EPSS 2% CVSS 7.5
HIGH This Week

In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Webaccess Webaccess Dashboard +2
NVD
EPSS 4% CVSS 9.8
CRITICAL Act Now

In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Path Traversal Webaccess +3
NVD
EPSS 2% CVSS 5.3
MEDIUM This Month

A Path Traversal issue was discovered in Advantech WebAccess/SCADA versions prior to V8.2_20170817. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Webaccess Scada
NVD
EPSS 1% CVSS 5.3
MEDIUM This Month

A SQL Injection issue was discovered in Advantech WebAccess/SCADA versions prior to V8.2_20170817. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Webaccess Scada
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy