Advantech ADAM-5630 contains a cross-site request forgery (CSRF) vulnerability. It allows an attacker to partly circumvent the same origin policy, which is designed to prevent different websites from interfering with each other.
oryginał ENCVSS Vector
CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:XAdvantech Adam 5630
HWAdvantechwszystkie wersjeAdvantech Adam 5630 Firmware
OSAdvantech< 2.5.2
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Powiązane podatności
CVE-2024-39275HIGH8.5ten sam produkt
Cookies of authenticated Advantech ADAM-5630 users remain as active valid cookies when a session is closed. F...
CVE-2024-34542MEDIUM6.9ten sam produkt
Advantech ADAM-5630 shares user credentials plain text between the device and the user source device during th...
CVE-2025-52694CRITICAL10.0PL ✓ten sam vendor
SQL Injection w produktach Advantech IoT Suite — nieuwierzytelniony RCE
CVE-2025-34256CRITICAL10.0PL ✓ten sam vendor
Advantech WISE-DeviceOn Server — hardcoded klucz JWT umożliwia pełne przejęcie systemu
CVE-2022-50593CRITICAL9.3PL ✓ten sam vendor
Advantech iView – Auth Bypass + SQL Injection prowadzące do RCE