Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:advantech:r-seenet:2.4.12:*:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2023-3256 |
Advantech R-SeeNet versions 2.4.22 allows low-level users to access and load the content of local files. Published: June 22, 2023; 1:15:44 PM -0400 |
V3.1: 8.1 HIGH V2.0:(not available) |
CVE-2023-2611 |
Advantech R-SeeNet versions 2.4.22 is installed with a hidden root-level user that is not available in the users list. This hidden user has a password that cannot be changed by users. Published: June 22, 2023; 1:15:44 PM -0400 |
V3.1: 9.8 CRITICAL V2.0:(not available) |
CVE-2022-3387 |
Advantech R-SeeNet Versions 2.4.19 and prior are vulnerable to path traversal attacks. An unauthorized attacker could remotely exploit vulnerable PHP code to delete .PDF files. Published: October 27, 2022; 5:15:13 PM -0400 |
V3.1: 5.3 MEDIUM V2.0:(not available) |
CVE-2022-3386 |
Advantech R-SeeNet Versions 2.4.17 and prior are vulnerable to a stack-based buffer overflow. An unauthorized attacker can use an outsized filename to overflow the stack buffer and enable remote code execution. Published: October 27, 2022; 5:15:13 PM -0400 |
V3.1: 9.8 CRITICAL V2.0:(not available) |
CVE-2022-3385 |
Advantech R-SeeNet Versions 2.4.17 and prior are vulnerable to a stack-based buffer overflow. An unauthorized attacker can remotely overflow the stack buffer and enable remote code execution. Published: October 27, 2022; 5:15:13 PM -0400 |
V3.1: 9.8 CRITICAL V2.0:(not available) |
CVE-2021-21805 |
An OS Command Injection vulnerability exists in the ping.php script functionality of Advantech R-SeeNet v 2.4.12 (20.10.2020). A specially crafted HTTP request can lead to arbitrary OS command execution. An attacker can send a crafted HTTP request to trigger this vulnerability. Published: August 05, 2021; 5:15:10 PM -0400 |
V3.1: 9.8 CRITICAL V2.0: 10.0 HIGH |
CVE-2021-21804 |
A local file inclusion (LFI) vulnerability exists in the options.php script functionality of Advantech R-SeeNet v 2.4.12 (20.10.2020). A specially crafted HTTP request can lead to arbitrary PHP code execution. An attacker can send a crafted HTTP request to trigger this vulnerability. Published: July 16, 2021; 7:15:09 AM -0400 |
V3.1: 9.8 CRITICAL V2.0: 7.5 HIGH |
CVE-2021-21803 |
This vulnerability is present in device_graph_page.php script, which is a part of the Advantech R-SeeNet web applications. A specially crafted URL by an attacker and visited by a victim can lead to arbitrary JavaScript code execution. Published: July 16, 2021; 7:15:09 AM -0400 |
V3.1: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2021-21802 |
This vulnerability is present in device_graph_page.php script, which is a part of the Advantech R-SeeNet web applications. A specially crafted URL by an attacker and visited by a victim can lead to arbitrary JavaScript code execution. Published: July 16, 2021; 7:15:09 AM -0400 |
V3.1: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2021-21801 |
This vulnerability is present in device_graph_page.php script, which is a part of the Advantech R-SeeNet web applications. A specially crafted URL by an attacker and visited by a victim can lead to arbitrary JavaScript code execution. Published: July 16, 2021; 7:15:09 AM -0400 |
V3.1: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2021-21800 |
Cross-site scripting vulnerabilities exist in the ssh_form.php script functionality of Advantech R-SeeNet v 2.4.12 (20.10.2020). If a user visits a specially crafted URL, it can lead to arbitrary JavaScript code execution in the context of the targeted user’s browser. An attacker can provide a crafted URL to trigger this vulnerability. Published: July 16, 2021; 7:15:09 AM -0400 |
V3.1: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2021-21799 |
Cross-site scripting vulnerabilities exist in the telnet_form.php script functionality of Advantech R-SeeNet v 2.4.12 (20.10.2020). If a user visits a specially crafted URL, it can lead to arbitrary JavaScript code execution in the context of the targeted user’s browser. An attacker can provide a crafted URL to trigger this vulnerability. Published: July 16, 2021; 7:15:09 AM -0400 |
V3.1: 6.1 MEDIUM V2.0: 4.3 MEDIUM |