Filtered by vendor Advantech
Subscriptions
Filtered by product Wise-paas\/rmm
Subscriptions
Total
5 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-27437 | 1 Advantech | 1 Wise-paas\/rmm | 2024-11-21 | 9.1 Critical |
| The affected product allows attackers to obtain sensitive information from the WISE-PaaS dashboard. The system contains a hard-coded administrator username and password that can be used to query Grafana APIs. Authentication is not required for exploitation on the WISE-PaaS/RMM (versions prior to 9.0.1). | ||||
| CVE-2019-18229 | 1 Advantech | 1 Wise-paas\/rmm | 2024-11-21 | 6.5 Medium |
| Advantech WISE-PaaS/RMM, Versions 3.3.29 and prior. Lack of sanitization of user-supplied input cause SQL injection vulnerabilities. An attacker can leverage these vulnerabilities to disclose information. | ||||
| CVE-2019-18227 | 1 Advantech | 1 Wise-paas\/rmm | 2024-11-21 | 7.5 High |
| Advantech WISE-PaaS/RMM, Versions 3.3.29 and prior. XXE vulnerabilities exist that may allow disclosure of sensitive data. | ||||
| CVE-2019-13551 | 1 Advantech | 1 Wise-paas\/rmm | 2024-11-21 | 9.8 Critical |
| Advantech WISE-PaaS/RMM, Versions 3.3.29 and prior. Path traversal vulnerabilities are caused by a lack of proper validation of a user-supplied path prior to use in file operations. An attacker can leverage these vulnerabilities to remotely execute code while posing as an administrator. | ||||
| CVE-2019-13547 | 1 Advantech | 1 Wise-paas\/rmm | 2024-11-21 | 9.8 Critical |
| Advantech WISE-PaaS/RMM, Versions 3.3.29 and prior. There is an unsecured function that allows anyone who can access the IP address to use the function without authentication. | ||||
Page 1 of 1.