Filtered by vendor Advantech
Subscriptions
Filtered by product Adam-5630
Subscriptions
Total
4 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-39364 | 1 Advantech | 1 Adam-5630 | 2025-07-12 | 6.3 Medium |
| Advantech ADAM-5630 has built-in commands that can be executed without authenticating the user. These commands allow for restarting the operating system, rebooting the hardware, and stopping the execution. The commands can be sent to a simple HTTP request and are executed by the device automatically, without discrimination of origin or level of privileges of the user sending the commands. | ||||
| CVE-2024-39275 | 1 Advantech | 2 Adam-5630, Adam-5630 Firmware | 2024-10-07 | 8 High |
| Cookies of authenticated Advantech ADAM-5630 users remain as active valid cookies when a session is closed. Forging requests with a legitimate cookie, even if the session was terminated, allows an unauthorized attacker to act with the same level of privileges of the legitimate user. | ||||
| CVE-2024-34542 | 1 Advantech | 2 Adam-5630, Adam-5630 Firmware | 2024-10-07 | 5.7 Medium |
| Advantech ADAM-5630 shares user credentials plain text between the device and the user source device during the login process. | ||||
| CVE-2024-28948 | 1 Advantech | 2 Adam-5630, Adam-5630 Firmware | 2024-10-04 | 8 High |
| Advantech ADAM-5630 contains a cross-site request forgery (CSRF) vulnerability. It allows an attacker to partly circumvent the same origin policy, which is designed to prevent different websites from interfering with each other. | ||||
Page 1 of 1.