Advantech Deviceon/iedge — known CVE vulnerabilities
Every CVE whose affected-product data names Advantech Deviceon/iedge, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (5)
CVE-2021-40389 — CVSS 8.8 (high): A privilege escalation vulnerability exists in the installation of Advantech DeviceOn/iEdge Server 1.0.2. A specially-crafted file can be…
CVE-2025-58423 — CVSS 8.8 (high): Due to insufficient sanitization, an attacker can upload a specially crafted configuration file to cause a denial-of-service condition…
CVE-2025-62630 — CVSS 8.8 (high): Due to insufficient sanitization, an attacker can upload a specially crafted configuration file to traverse directories and achieve remote…
CVE-2025-59171 — CVSS 7.5 (high): Due to insufficient sanitization, an attacker can upload a specially crafted configuration file to traverse directories and achieve remote…
CVE-2025-64302 — CVSS 6.4 (medium): Insufficient input sanitization in the dashboard label or path can allow an attacker to trigger a device error causing information…