Every CVE whose affected-product data names Advantech R-seenet, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (40)
CVE-2021-21804 — CVSS 9.8 (critical): A local file inclusion (LFI) vulnerability exists in the options.php script functionality of Advantech R-SeeNet v 2.4.12 (20.10.2020). A…
CVE-2021-21805 — CVSS 9.8 (critical): An OS Command Injection vulnerability exists in the ping.php script functionality of Advantech R-SeeNet v 2.4.12 (20.10.2020). A specially…
CVE-2023-5642 — CVSS 9.8 (critical): Advantech R-SeeNet v2.4.23 allows an unauthenticated remote attacker to read from and write to the snmpmon.ini file, which contains…
CVE-2023-2611 — CVSS 9.8 (critical): Advantech R-SeeNet versions 2.4.22 is installed with a hidden root-level user that is not available in the users list. This hidden user has…
CVE-2022-3386 — CVSS 9.8 (critical): Advantech R-SeeNet Versions 2.4.17 and prior are vulnerable to a stack-based buffer overflow. An unauthorized attacker can use an outsized…
CVE-2022-3385 — CVSS 9.8 (critical): Advantech R-SeeNet Versions 2.4.17 and prior are vulnerable to a stack-based buffer overflow. An unauthorized attacker can remotely…
CVE-2021-21917 — CVSS 8.8 (high): An exploitable SQL injection vulnerability exist in the ‘group_list’ page of the Advantech R-SeeNet 2.4.15 (30.07.2021). A…
CVE-2023-3256 — CVSS 8.8 (high): Advantech R-SeeNet versions 2.4.22 allows low-level users to access and load the content of local files.
CVE-2021-21915 — CVSS 8.8 (high): An exploitable SQL injection vulnerability exist in the ‘group_list’ page of the Advantech R-SeeNet 2.4.15 (30.07.2021). A…
CVE-2021-21916 — CVSS 8.8 (high): An exploitable SQL injection vulnerability exist in the ‘group_list’ page of the Advantech R-SeeNet 2.4.15 (30.07.2021). A…
CVE-2021-21936 — CVSS 8.8 (high): A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger this vulnerability…
CVE-2021-21910 — CVSS 7.8 (high): A privilege escalation vulnerability exists in the Windows version of installation for Advantech R-SeeNet Advantech R-SeeNet 2.4.15…
CVE-2021-21911 — CVSS 7.8 (high): A privilege escalation vulnerability exists in the Windows version of installation for Advantech R-SeeNet Advantech R-SeeNet 2.4.15…
CVE-2021-21912 — CVSS 7.8 (high): A privilege escalation vulnerability exists in the Windows version of installation for Advantech R-SeeNet Advantech R-SeeNet 2.4.15…
CVE-2020-25157 — CVSS 7.5 (high): The R-SeeNet webpage (1.5.1 through 2.4.10) suffers from SQL injection, which allows a remote attacker to invoke queries on the database…
CVE-2021-21934 — CVSS 6.5 (medium): A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger this at…
CVE-2022-3387 — CVSS 6.5 (medium): Advantech R-SeeNet Versions 2.4.19 and prior are vulnerable to path traversal attacks. An unauthorized attacker could remotely exploit…
CVE-2021-21937 — CVSS 6.5 (medium): A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger this vulnerability…
CVE-2021-21922 — CVSS 6.5 (medium): A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger this vulnerability…
CVE-2021-21935 — CVSS 6.5 (medium): A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger this vulnerability…
CVE-2021-21924 — CVSS 6.5 (medium): A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger these…
CVE-2021-21925 — CVSS 6.5 (medium): A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger these…
CVE-2021-21926 — CVSS 6.5 (medium): A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger these…
CVE-2021-21927 — CVSS 6.5 (medium): A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger these…
CVE-2021-21928 — CVSS 6.5 (medium): A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests at ‘mac_filter’ parameter…
CVE-2021-21929 — CVSS 6.5 (medium): A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests at ‘prod_filter’ parameter…
CVE-2021-21930 — CVSS 6.5 (medium): A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests at ‘sn_filter’ parameter…
CVE-2021-21931 — CVSS 6.5 (medium): A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests at‘ stat_filter’ parameter…
CVE-2021-21932 — CVSS 6.5 (medium): A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger this at…
CVE-2021-21933 — CVSS 6.5 (medium): A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger this at…
CVE-2021-21799 — CVSS 6.1 (medium): Cross-site scripting vulnerabilities exist in the telnet_form.php script functionality of Advantech R-SeeNet v 2.4.12 (20.10.2020). If a…
CVE-2021-21803 — CVSS 6.1 (medium): This vulnerability is present in device_graph_page.php script, which is a part of the Advantech R-SeeNet web applications. A specially…
CVE-2021-21802 — CVSS 6.1 (medium): This vulnerability is present in device_graph_page.php script, which is a part of the Advantech R-SeeNet web applications. A specially…
CVE-2021-21801 — CVSS 6.1 (medium): This vulnerability is present in device_graph_page.php script, which is a part of the Advantech R-SeeNet web applications. A specially…
CVE-2021-21800 — CVSS 6.1 (medium): Cross-site scripting vulnerabilities exist in the ssh_form.php script functionality of Advantech R-SeeNet v 2.4.12 (20.10.2020). If a user…
CVE-2021-21919 — CVSS 4.9 (medium): A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger this vulnerability…
CVE-2021-21923 — CVSS 4.9 (medium): A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger this vulnerability…
CVE-2021-21918 — CVSS 4.9 (medium): A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger this vulnerability…
CVE-2021-21921 — CVSS 4.9 (medium): A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger this vulnerability…
CVE-2021-21920 — CVSS 4.9 (medium): A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger this vulnerability…