📦 Webaccess\/vpn
by Advantech
🔍 What is Webaccess\/vpn?
Description coming soon...
🛡️ Security Overview
Click on a severity to filter vulnerabilities
⚠️ Known Vulnerabilities
This vulnerability allows authenticated system administrators in Advantech WebAccess/VPN to execute arbitrary commands on the server by uploading specially crafted filenames. The attacker gains execut...
Advantech WebAccess/VPN versions before 1.1.5 contain a SQL injection vulnerability in the NetworksController.addNetworkAction() function. Authenticated low-privileged users can exploit this via datat...
Advantech WebAccess/VPN versions before 1.1.5 contain a SQL injection vulnerability in the AjaxDeviceController.ajaxDeviceAction() function. Authenticated low-privileged users can exploit this via dat...
Advantech WebAccess/VPN versions before 1.1.5 contain a SQL injection vulnerability in the AjaxNetworkController.ajaxAction() function. Authenticated low-privileged users can exploit this via datatabl...
Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injection vulnerability in the AjaxFwRulesController.ajaxNetworkFwRulesAction() function. Authenticated low-privileged users can exploit t...
This SQL injection vulnerability in Advantech WebAccess/VPN allows authenticated low-privileged users to inject malicious SQL queries through datatable search parameters. Successful exploitation can l...
This SQL injection vulnerability in Advantech WebAccess/VPN allows authenticated low-privileged users to inject malicious SQL queries through datatable search parameters in the AjaxStandaloneVpnClient...
Advantech WebAccess/VPN versions before 1.1.5 contain a SQL injection vulnerability in the AjaxPrevalidationController.ajaxAction() function. Authenticated low-privileged users can exploit this via da...
Advantech WebAccess/VPN versions before 1.1.5 contain a stored cross-site scripting vulnerability in the NetworksController.addNetworkAction() function. This allows attackers to inject malicious scrip...
Advantech WebAccess/VPN versions before 1.1.5 contain a stored cross-site scripting vulnerability in the StandaloneVpnClientsController.addStandaloneVpnClientAction() function. This allows attackers t...
This vulnerability allows authenticated network administrators in Advantech WebAccess/VPN to read arbitrary files accessible to the web user (www-data) via path traversal. It affects versions prior to...
Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injection vulnerability in the AppManagementController.appUpgradeAction() function. Authenticated low-privileged users can exploit this vi...