Vulnerabilities in Advantech
142 resultsCVE-2025-48461MEDIUMWeak Session Cookie EntropyEPSS 0.4%CVE-2022-50594HIGHAdvantech iView < v5.7.04 Build 6425 data Parameter SQL Injection Information DisclosureEPSS 0.4%CVE-2025-48469CRITICALUnauthenticated Firmware UploadEPSS 0.4%CVE-2018-14828—Advantech WebAccess 8.3.1 and earlier has an improper privilege management vulnerability, which may allow an attacker to access those files EPSS 0.4%CVE-2024-39275HIGHAdvantech ADAM-5630 Use of Persistent Cookies Containing Sensitive InformationEPSS 0.4%CVE-2025-13373HIGHAdvantech iView SQL InjectionEPSS 0.4%CVE-2026-6888HIGHSQL Injection VulnerabilityEPSS 0.4%CVE-2018-8841—In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prioEPSS 0.4%CVE-2024-37187MEDIUMAdvantech ADAM-5550 Weak Encoding for PasswordEPSS 0.4%CVE-2025-34238MEDIUMAdvantech WebAccess/VPN < 1.1.5 Path Traversal via AjaxStandaloneVpnClientsController.ajaxDownloadRoadWarriorConfigFileAction()EPSS 0.3%CVE-2024-38308HIGHAdvantech ADAM-5550 Cross-site ScriptingEPSS 0.3%CVE-2024-2453MEDIUMAdvantech WebAccess/SCADA SQL InjectionEPSS 0.3%CVE-2025-53509HIGHAdvantech iView Argument InjectionEPSS 0.3%CVE-2025-52459HIGHAdvantech iView Argument InjectionEPSS 0.3%CVE-2025-46268MEDIUMAdvantech WebAccess/SCADA SQL InjectionEPSS 0.3%CVE-2021-42706HIGHAzeoTech DAQFactoryEPSS 0.3%CVE-2025-48891HIGHAdvantech iView SQL InjectionEPSS 0.3%CVE-2025-34247MEDIUMAdvantech WebAccess/VPN < 1.1.5 SQL Injection via NetworksController.addNetworkAction()EPSS 0.3%CVE-2025-34243MEDIUMAdvantech WebAccess/VPN < 1.1.5 SQL Injection via AjaxFwRulesController.ajaxNetworkFwRulesAction()EPSS 0.3%CVE-2025-34242HIGHAdvantech WebAccess/VPN < 1.1.5 SQL Injection via AjaxNetworkController.ajaxAction()EPSS 0.3%