Search criteria
36 vulnerabilities found for webaccess\/vpn by advantech
FKIE_CVE-2025-34247
Vulnerability from fkie_nvd - Published: 2025-11-06 20:15 - Updated: 2025-11-28 16:59
Severity ?
Summary
Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injection vulnerability in NetworksController.addNetworkAction() that allows an authenticated low-privileged observer user to inject SQL via datatable search parameters, leading to disclosure of database information.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| advantech | webaccess\/vpn | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:advantech:webaccess\\/vpn:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FFBAB4BE-F708-4A56-A192-BC46C45F84D6",
"versionEndExcluding": "1.1.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injection vulnerability in\u00a0NetworksController.addNetworkAction()\u00a0that allows an authenticated low-privileged observer user to inject SQL via datatable search parameters, leading to disclosure of database information."
}
],
"id": "CVE-2025-34247",
"lastModified": "2025-11-28T16:59:37.957",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"source": "disclosure@vulncheck.com",
"type": "Secondary"
}
]
},
"published": "2025-11-06T20:15:49.017",
"references": [
{
"source": "disclosure@vulncheck.com",
"tags": [
"Product"
],
"url": "https://icr.advantech.com/download/software"
},
{
"source": "disclosure@vulncheck.com",
"tags": [
"Release Notes"
],
"url": "https://icr.advantech.com/support/router-models/download/511/sa-2025-01-vpn-portal-2025-11-06.pdf"
},
{
"source": "disclosure@vulncheck.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.vulncheck.com/advisories/advantech-webaccess-vpn-sqli-via-networkscontroller"
}
],
"sourceIdentifier": "disclosure@vulncheck.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-89"
}
],
"source": "disclosure@vulncheck.com",
"type": "Secondary"
}
]
}
FKIE_CVE-2025-34242
Vulnerability from fkie_nvd - Published: 2025-11-06 20:15 - Updated: 2025-11-28 16:58
Severity ?
Summary
Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injection vulnerability in AjaxNetworkController.ajaxAction() that allows an authenticated low-privileged observer user to inject SQL via datatable search parameters, leading to disclosure of database information.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| advantech | webaccess\/vpn | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:advantech:webaccess\\/vpn:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FFBAB4BE-F708-4A56-A192-BC46C45F84D6",
"versionEndExcluding": "1.1.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injection vulnerability in\u00a0AjaxNetworkController.ajaxAction()\u00a0that allows an authenticated low-privileged observer user to inject SQL via datatable search parameters, leading to disclosure of database information."
}
],
"id": "CVE-2025-34242",
"lastModified": "2025-11-28T16:58:07.870",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"source": "disclosure@vulncheck.com",
"type": "Secondary"
}
]
},
"published": "2025-11-06T20:15:48.270",
"references": [
{
"source": "disclosure@vulncheck.com",
"tags": [
"Product"
],
"url": "https://icr.advantech.com/download/software"
},
{
"source": "disclosure@vulncheck.com",
"tags": [
"Release Notes"
],
"url": "https://icr.advantech.com/support/router-models/download/511/sa-2025-01-vpn-portal-2025-11-06.pdf"
},
{
"source": "disclosure@vulncheck.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.vulncheck.com/advisories/advantech-webaccess-vpn-sqli-via-ajaxnetworkcontroller"
}
],
"sourceIdentifier": "disclosure@vulncheck.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-89"
}
],
"source": "disclosure@vulncheck.com",
"type": "Secondary"
}
]
}
FKIE_CVE-2025-34241
Vulnerability from fkie_nvd - Published: 2025-11-06 20:15 - Updated: 2025-11-28 16:57
Severity ?
Summary
Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injection vulnerability in AjaxDeviceController.ajaxDeviceAction() that allows an authenticated low-privileged observer user to inject SQL via datatable search parameters, leading to disclosure of database information.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| advantech | webaccess\/vpn | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:advantech:webaccess\\/vpn:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FFBAB4BE-F708-4A56-A192-BC46C45F84D6",
"versionEndExcluding": "1.1.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injection vulnerability in\u00a0AjaxDeviceController.ajaxDeviceAction()\u00a0that allows an authenticated low-privileged observer user to inject SQL via datatable search parameters, leading to disclosure of database information."
}
],
"id": "CVE-2025-34241",
"lastModified": "2025-11-28T16:57:53.457",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"source": "disclosure@vulncheck.com",
"type": "Secondary"
}
]
},
"published": "2025-11-06T20:15:48.100",
"references": [
{
"source": "disclosure@vulncheck.com",
"tags": [
"Product"
],
"url": "https://icr.advantech.com/download/software"
},
{
"source": "disclosure@vulncheck.com",
"tags": [
"Release Notes"
],
"url": "https://icr.advantech.com/support/router-models/download/511/sa-2025-01-vpn-portal-2025-11-06.pdf"
},
{
"source": "disclosure@vulncheck.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.vulncheck.com/advisories/advantech-webaccess-vpn-sqli-via-ajaxdevicecontroller-ajaxdeviceaction"
}
],
"sourceIdentifier": "disclosure@vulncheck.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-89"
}
],
"source": "disclosure@vulncheck.com",
"type": "Secondary"
}
]
}
FKIE_CVE-2025-34245
Vulnerability from fkie_nvd - Published: 2025-11-06 20:15 - Updated: 2025-11-28 17:02
Severity ?
Summary
Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injection vulnerability in AjaxStandaloneVpnClientsController.ajaxAction() that allows an authenticated low-privileged observer user to inject SQL via datatable search parameters, leading to disclosure of database information.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| advantech | webaccess\/vpn | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:advantech:webaccess\\/vpn:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FFBAB4BE-F708-4A56-A192-BC46C45F84D6",
"versionEndExcluding": "1.1.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injection vulnerability in\u00a0AjaxStandaloneVpnClientsController.ajaxAction()\u00a0that allows an authenticated low-privileged observer user to inject SQL via datatable search parameters, leading to disclosure of database information."
}
],
"id": "CVE-2025-34245",
"lastModified": "2025-11-28T17:02:55.473",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"source": "disclosure@vulncheck.com",
"type": "Secondary"
}
]
},
"published": "2025-11-06T20:15:48.717",
"references": [
{
"source": "disclosure@vulncheck.com",
"tags": [
"Product"
],
"url": "https://icr.advantech.com/download/software"
},
{
"source": "disclosure@vulncheck.com",
"tags": [
"Release Notes"
],
"url": "https://icr.advantech.com/support/router-models/download/511/sa-2025-01-vpn-portal-2025-11-06.pdf"
},
{
"source": "disclosure@vulncheck.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.vulncheck.com/advisories/advantech-webaccess-vpn-sqli-via-ajaxstandalonevpnclientscontroller"
}
],
"sourceIdentifier": "disclosure@vulncheck.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-89"
}
],
"source": "disclosure@vulncheck.com",
"type": "Secondary"
}
]
}
FKIE_CVE-2025-34244
Vulnerability from fkie_nvd - Published: 2025-11-06 20:15 - Updated: 2025-11-28 16:58
Severity ?
Summary
Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injection vulnerability in AjaxFwRulesController.ajaxDeviceFwRulesAction() that allows an authenticated low-privileged observer user to inject SQL via datatable search parameters, leading to disclosure of database information.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| advantech | webaccess\/vpn | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:advantech:webaccess\\/vpn:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FFBAB4BE-F708-4A56-A192-BC46C45F84D6",
"versionEndExcluding": "1.1.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injection vulnerability in\u00a0AjaxFwRulesController.ajaxDeviceFwRulesAction()\u00a0that allows an authenticated low-privileged observer user to inject SQL via datatable search parameters, leading to disclosure of database information."
}
],
"id": "CVE-2025-34244",
"lastModified": "2025-11-28T16:58:29.260",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"source": "disclosure@vulncheck.com",
"type": "Secondary"
}
]
},
"published": "2025-11-06T20:15:48.560",
"references": [
{
"source": "disclosure@vulncheck.com",
"tags": [
"Product"
],
"url": "https://icr.advantech.com/download/software"
},
{
"source": "disclosure@vulncheck.com",
"tags": [
"Release Notes"
],
"url": "https://icr.advantech.com/support/router-models/download/511/sa-2025-01-vpn-portal-2025-11-06.pdf"
},
{
"source": "disclosure@vulncheck.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.vulncheck.com/advisories/advantech-webaccess-vpn-sqli-via-ajaxfwruelscontroller-ajaxdevicefwrulesaction"
}
],
"sourceIdentifier": "disclosure@vulncheck.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-89"
}
],
"source": "disclosure@vulncheck.com",
"type": "Secondary"
}
]
}
FKIE_CVE-2025-34243
Vulnerability from fkie_nvd - Published: 2025-11-06 20:15 - Updated: 2025-11-28 16:58
Severity ?
Summary
Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injection vulnerability in AjaxFwRulesController.ajaxNetworkFwRulesAction() that allows an authenticated low-privileged observer user to inject SQL via datatable search parameters, leading to disclosure of database information.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| advantech | webaccess\/vpn | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:advantech:webaccess\\/vpn:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FFBAB4BE-F708-4A56-A192-BC46C45F84D6",
"versionEndExcluding": "1.1.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injection vulnerability in\u00a0AjaxFwRulesController.ajaxNetworkFwRulesAction()\u00a0that allows an authenticated low-privileged observer user to inject SQL via datatable search parameters, leading to disclosure of database information."
}
],
"id": "CVE-2025-34243",
"lastModified": "2025-11-28T16:58:17.007",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"source": "disclosure@vulncheck.com",
"type": "Secondary"
}
]
},
"published": "2025-11-06T20:15:48.410",
"references": [
{
"source": "disclosure@vulncheck.com",
"tags": [
"Product"
],
"url": "https://icr.advantech.com/download/software"
},
{
"source": "disclosure@vulncheck.com",
"tags": [
"Release Notes"
],
"url": "https://icr.advantech.com/support/router-models/download/511/sa-2025-01-vpn-portal-2025-11-06.pdf"
},
{
"source": "disclosure@vulncheck.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.vulncheck.com/advisories/advantech-webaccess-vpn-sqli-via-ajaxfwrulescontroller-ajaxnetworkfwrulesaction"
}
],
"sourceIdentifier": "disclosure@vulncheck.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-89"
}
],
"source": "disclosure@vulncheck.com",
"type": "Secondary"
}
]
}
FKIE_CVE-2025-34246
Vulnerability from fkie_nvd - Published: 2025-11-06 20:15 - Updated: 2025-11-28 16:58
Severity ?
Summary
Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injection vulnerability in AjaxPrevalidationController.ajaxAction() that allows an authenticated low-privileged observer user to inject SQL via datatable search parameters, leading to disclosure of database information.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| advantech | webaccess\/vpn | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:advantech:webaccess\\/vpn:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FFBAB4BE-F708-4A56-A192-BC46C45F84D6",
"versionEndExcluding": "1.1.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injection vulnerability in\u00a0AjaxPrevalidationController.ajaxAction()\u00a0that allows an authenticated low-privileged observer user to inject SQL via datatable search parameters, leading to disclosure of database information."
}
],
"id": "CVE-2025-34246",
"lastModified": "2025-11-28T16:58:55.530",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"source": "disclosure@vulncheck.com",
"type": "Secondary"
}
]
},
"published": "2025-11-06T20:15:48.870",
"references": [
{
"source": "disclosure@vulncheck.com",
"tags": [
"Product"
],
"url": "https://icr.advantech.com/download/software"
},
{
"source": "disclosure@vulncheck.com",
"tags": [
"Release Notes"
],
"url": "https://icr.advantech.com/support/router-models/download/511/sa-2025-01-vpn-portal-2025-11-06.pdf"
},
{
"source": "disclosure@vulncheck.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.vulncheck.com/advisories/advantech-webaccess-vpn-sqli-via-ajaxprevalidationcontroller"
}
],
"sourceIdentifier": "disclosure@vulncheck.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-89"
}
],
"source": "disclosure@vulncheck.com",
"type": "Secondary"
}
]
}
FKIE_CVE-2025-34237
Vulnerability from fkie_nvd - Published: 2025-11-06 20:15 - Updated: 2025-11-28 16:44
Severity ?
Summary
Advantech WebAccess/VPN versions prior to 1.1.5 contain a stored cross-site scripting (XSS) vulnerability via StandaloneVpnClientsController.addStandaloneVpnClientAction(). Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the context of a victim's browser.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| advantech | webaccess\/vpn | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:advantech:webaccess\\/vpn:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FFBAB4BE-F708-4A56-A192-BC46C45F84D6",
"versionEndExcluding": "1.1.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Advantech WebAccess/VPN versions prior to 1.1.5 contain a stored cross-site scripting (XSS) vulnerability via\u00a0StandaloneVpnClientsController.addStandaloneVpnClientAction(). Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the context of a victim\u0027s browser."
}
],
"id": "CVE-2025-34237",
"lastModified": "2025-11-28T16:44:34.803",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "PASSIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"source": "disclosure@vulncheck.com",
"type": "Secondary"
}
]
},
"published": "2025-11-06T20:15:47.363",
"references": [
{
"source": "disclosure@vulncheck.com",
"tags": [
"Product"
],
"url": "https://icr.advantech.com/download/software"
},
{
"source": "disclosure@vulncheck.com",
"tags": [
"Release Notes"
],
"url": "https://icr.advantech.com/support/router-models/download/511/sa-2025-01-vpn-portal-2025-11-06.pdf"
},
{
"source": "disclosure@vulncheck.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.vulncheck.com/advisories/advantech-webaccess-vpn-stored-xss-via-standalonevpnclientscontroller"
}
],
"sourceIdentifier": "disclosure@vulncheck.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "disclosure@vulncheck.com",
"type": "Secondary"
}
]
}
FKIE_CVE-2025-34238
Vulnerability from fkie_nvd - Published: 2025-11-06 20:15 - Updated: 2025-12-04 21:26
Severity ?
Summary
Advantech WebAccess/VPN versions prior to 1.1.5 contain an absolute path traversal via AjaxStandaloneVpnClientsController.ajaxDownloadRoadWarriorConfigFileAction() that allows an authenticated network administrator to cause the application to read and return the contents of arbitrary files the web user (www-data) can access.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| advantech | webaccess\/vpn | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:advantech:webaccess\\/vpn:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FFBAB4BE-F708-4A56-A192-BC46C45F84D6",
"versionEndExcluding": "1.1.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Advantech WebAccess/VPN versions prior to 1.1.5 contain an absolute path traversal via\u00a0AjaxStandaloneVpnClientsController.ajaxDownloadRoadWarriorConfigFileAction() that allows an authenticated network administrator to cause the application to read and return the contents of arbitrary files the web user (www-data) can access."
}
],
"id": "CVE-2025-34238",
"lastModified": "2025-12-04T21:26:53.130",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"source": "disclosure@vulncheck.com",
"type": "Secondary"
}
]
},
"published": "2025-11-06T20:15:47.587",
"references": [
{
"source": "disclosure@vulncheck.com",
"tags": [
"Product"
],
"url": "https://icr.advantech.com/download/software"
},
{
"source": "disclosure@vulncheck.com",
"tags": [
"Release Notes"
],
"url": "https://icr.advantech.com/support/router-models/download/511/sa-2025-01-vpn-portal-2025-11-06.pdf"
},
{
"source": "disclosure@vulncheck.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.vulncheck.com/advisories/advantech-webaccess-vpn-path-traversal-via-ajaxstandalonevpnclientscontroller"
}
],
"sourceIdentifier": "disclosure@vulncheck.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "disclosure@vulncheck.com",
"type": "Secondary"
}
]
}
FKIE_CVE-2025-34236
Vulnerability from fkie_nvd - Published: 2025-11-06 20:15 - Updated: 2025-11-28 16:44
Severity ?
Summary
Advantech WebAccess/VPN versions prior to 1.1.5 contain a stored cross-site scripting (XSS) vulnerability via NetworksController.addNetworkAction(). Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the context of a victim's browser.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| advantech | webaccess\/vpn | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:advantech:webaccess\\/vpn:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FFBAB4BE-F708-4A56-A192-BC46C45F84D6",
"versionEndExcluding": "1.1.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Advantech WebAccess/VPN versions prior to 1.1.5 contain a stored cross-site scripting (XSS) vulnerability via\u00a0NetworksController.addNetworkAction(). Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the context of a victim\u0027s browser."
}
],
"id": "CVE-2025-34236",
"lastModified": "2025-11-28T16:44:46.857",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "PASSIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"source": "disclosure@vulncheck.com",
"type": "Secondary"
}
]
},
"published": "2025-11-06T20:15:47.180",
"references": [
{
"source": "disclosure@vulncheck.com",
"tags": [
"Product"
],
"url": "https://icr.advantech.com/download/software"
},
{
"source": "disclosure@vulncheck.com",
"tags": [
"Release Notes"
],
"url": "https://icr.advantech.com/support/router-models/download/511/sa-2025-01-vpn-portal-2025-11-06.pdf"
},
{
"source": "disclosure@vulncheck.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.vulncheck.com/advisories/advantech-webaccess-vpn-stored-xss-via-networkcontroller"
}
],
"sourceIdentifier": "disclosure@vulncheck.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "disclosure@vulncheck.com",
"type": "Secondary"
}
]
}
FKIE_CVE-2025-34239
Vulnerability from fkie_nvd - Published: 2025-11-06 20:15 - Updated: 2025-12-04 21:27
Severity ?
Summary
Advantech WebAccess/VPN versions prior to 1.1.5 contain a command injection vulnerability in AppManagementController.appUpgradeAction() that allows an authenticated system administrator to execute arbitrary commands as the web server user (www-data) by supplying a crafted uploaded filename.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| advantech | webaccess\/vpn | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:advantech:webaccess\\/vpn:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FFBAB4BE-F708-4A56-A192-BC46C45F84D6",
"versionEndExcluding": "1.1.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Advantech WebAccess/VPN versions prior to 1.1.5 contain a command injection vulnerability in\u00a0AppManagementController.appUpgradeAction()\u00a0that allows an authenticated system administrator to execute arbitrary commands as the web server user (www-data) by supplying a crafted uploaded filename."
}
],
"id": "CVE-2025-34239",
"lastModified": "2025-12-04T21:27:21.903",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"source": "disclosure@vulncheck.com",
"type": "Secondary"
}
]
},
"published": "2025-11-06T20:15:47.757",
"references": [
{
"source": "disclosure@vulncheck.com",
"tags": [
"Product"
],
"url": "https://icr.advantech.com/download/software"
},
{
"source": "disclosure@vulncheck.com",
"tags": [
"Release Notes"
],
"url": "https://icr.advantech.com/support/router-models/download/511/sa-2025-01-vpn-portal-2025-11-06.pdf"
},
{
"source": "disclosure@vulncheck.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.vulncheck.com/advisories/advantech-webaccess-vpn-command-injection-in-appmanagementcontroller"
}
],
"sourceIdentifier": "disclosure@vulncheck.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "disclosure@vulncheck.com",
"type": "Secondary"
}
]
}
FKIE_CVE-2025-34240
Vulnerability from fkie_nvd - Published: 2025-11-06 20:15 - Updated: 2025-11-28 16:57
Severity ?
Summary
Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injection vulnerability in AppManagementController.appUpgradeAction() that allows an authenticated low-privileged observer user to inject SQL via datatable search parameters, leading to disclosure of database information.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| advantech | webaccess\/vpn | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:advantech:webaccess\\/vpn:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FFBAB4BE-F708-4A56-A192-BC46C45F84D6",
"versionEndExcluding": "1.1.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injection vulnerability in\u00a0AppManagementController.appUpgradeAction()\u00a0that allows an authenticated low-privileged observer user to inject SQL via datatable search parameters, leading to disclosure of database information."
}
],
"id": "CVE-2025-34240",
"lastModified": "2025-11-28T16:57:36.657",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"source": "disclosure@vulncheck.com",
"type": "Secondary"
}
]
},
"published": "2025-11-06T20:15:47.937",
"references": [
{
"source": "disclosure@vulncheck.com",
"tags": [
"Product"
],
"url": "https://icr.advantech.com/download/software"
},
{
"source": "disclosure@vulncheck.com",
"tags": [
"Release Notes"
],
"url": "https://icr.advantech.com/support/router-models/download/511/sa-2025-01-vpn-portal-2025-11-06.pdf"
},
{
"source": "disclosure@vulncheck.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.vulncheck.com/advisories/advantech-webaccess-vpn-sqli-via-appmanagementcontroller-appupgradeaction"
}
],
"sourceIdentifier": "disclosure@vulncheck.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-89"
}
],
"source": "disclosure@vulncheck.com",
"type": "Secondary"
}
]
}
CVE-2025-34247 (GCVE-0-2025-34247)
Vulnerability from cvelistv5 – Published: 2025-11-06 19:49 – Updated: 2025-11-17 19:38
VLAI?
Title
Advantech WebAccess/VPN < 1.1.5 SQL Injection via NetworksController.addNetworkAction()
Summary
Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injection vulnerability in NetworksController.addNetworkAction() that allows an authenticated low-privileged observer user to inject SQL via datatable search parameters, leading to disclosure of database information.
Severity ?
CWE
- CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Advantech | WebAccess/VPN |
Affected:
0 , < 1.1.5
(semver)
|
Credits
Alex Williams from Pellera Technologies
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-34247",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-06T20:05:43.891584Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-06T20:05:51.848Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"NetworksController.addNetworkAction()"
],
"product": "WebAccess/VPN",
"vendor": "Advantech",
"versions": [
{
"lessThan": "1.1.5",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:advantech:webaccess\\/vpn:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.1.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Alex Williams from Pellera Technologies"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injection vulnerability in\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eNetworksController.addNetworkAction()\u003c/span\u003e\u0026nbsp;that allows an authenticated low-privileged observer user to inject SQL via datatable search parameters, leading to disclosure of database information.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injection vulnerability in\u00a0NetworksController.addNetworkAction()\u00a0that allows an authenticated low-privileged observer user to inject SQL via datatable search parameters, leading to disclosure of database information."
}
],
"impacts": [
{
"capecId": "CAPEC-66",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-66 SQL Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-17T19:38:11.514Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"tags": [
"vendor-advisory",
"patch"
],
"url": "https://icr.advantech.com/support/router-models/download/511/sa-2025-01-vpn-portal-2025-11-06.pdf"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/advantech-webaccess-vpn-sqli-via-networkscontroller"
},
{
"tags": [
"product"
],
"url": "https://icr.advantech.com/download/software"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Advantech WebAccess/VPN \u003c 1.1.5 SQL Injection via NetworksController.addNetworkAction()",
"x_generator": {
"engine": "vulncheck"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2025-34247",
"datePublished": "2025-11-06T19:49:37.330Z",
"dateReserved": "2025-04-15T19:15:22.577Z",
"dateUpdated": "2025-11-17T19:38:11.514Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-34246 (GCVE-0-2025-34246)
Vulnerability from cvelistv5 – Published: 2025-11-06 19:49 – Updated: 2025-11-17 19:38
VLAI?
Title
Advantech WebAccess/VPN < 1.1.5 SQL Injection via AjaxPrevalidationController.ajaxAction()
Summary
Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injection vulnerability in AjaxPrevalidationController.ajaxAction() that allows an authenticated low-privileged observer user to inject SQL via datatable search parameters, leading to disclosure of database information.
Severity ?
CWE
- CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Advantech | WebAccess/VPN |
Affected:
0 , < 1.1.5
(semver)
|
Credits
Alex Williams from Pellera Technologies
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-34246",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-06T20:06:03.239793Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-06T20:06:14.132Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"AjaxPrevalidationController.ajaxAction()"
],
"product": "WebAccess/VPN",
"vendor": "Advantech",
"versions": [
{
"lessThan": "1.1.5",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:advantech:webaccess\\/vpn:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.1.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Alex Williams from Pellera Technologies"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injection vulnerability in\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAjaxPrevalidationController.ajaxAction()\u003c/span\u003e\u0026nbsp;that allows an authenticated low-privileged observer user to inject SQL via datatable search parameters, leading to disclosure of database information.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injection vulnerability in\u00a0AjaxPrevalidationController.ajaxAction()\u00a0that allows an authenticated low-privileged observer user to inject SQL via datatable search parameters, leading to disclosure of database information."
}
],
"impacts": [
{
"capecId": "CAPEC-66",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-66 SQL Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-17T19:38:11.350Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"tags": [
"vendor-advisory",
"patch"
],
"url": "https://icr.advantech.com/support/router-models/download/511/sa-2025-01-vpn-portal-2025-11-06.pdf"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/advantech-webaccess-vpn-sqli-via-ajaxprevalidationcontroller"
},
{
"tags": [
"product"
],
"url": "https://icr.advantech.com/download/software"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Advantech WebAccess/VPN \u003c 1.1.5 SQL Injection via AjaxPrevalidationController.ajaxAction()",
"x_generator": {
"engine": "vulncheck"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2025-34246",
"datePublished": "2025-11-06T19:49:01.611Z",
"dateReserved": "2025-04-15T19:15:22.577Z",
"dateUpdated": "2025-11-17T19:38:11.350Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-34245 (GCVE-0-2025-34245)
Vulnerability from cvelistv5 – Published: 2025-11-06 19:48 – Updated: 2025-11-17 19:38
VLAI?
Title
Advantech WebAccess/VPN < 1.1.5 SQL Injection via AjaxStandaloneVpnClientsController.ajaxAction()
Summary
Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injection vulnerability in AjaxStandaloneVpnClientsController.ajaxAction() that allows an authenticated low-privileged observer user to inject SQL via datatable search parameters, leading to disclosure of database information.
Severity ?
CWE
- CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Advantech | WebAccess/VPN |
Affected:
0 , < 1.1.5
(semver)
|
Credits
Alex Williams from Pellera Technologies
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-34245",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-06T20:06:23.374316Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-06T20:06:33.433Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"AjaxStandaloneVpnClientsController.ajaxAction()"
],
"product": "WebAccess/VPN",
"vendor": "Advantech",
"versions": [
{
"lessThan": "1.1.5",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:advantech:webaccess\\/vpn:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.1.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Alex Williams from Pellera Technologies"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injection vulnerability in\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAjaxStandaloneVpnClientsController.ajaxAction()\u003c/span\u003e\u0026nbsp;that allows an authenticated low-privileged observer user to inject SQL via datatable search parameters, leading to disclosure of database information.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injection vulnerability in\u00a0AjaxStandaloneVpnClientsController.ajaxAction()\u00a0that allows an authenticated low-privileged observer user to inject SQL via datatable search parameters, leading to disclosure of database information."
}
],
"impacts": [
{
"capecId": "CAPEC-66",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-66 SQL Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-17T19:38:11.183Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"tags": [
"vendor-advisory",
"patch"
],
"url": "https://icr.advantech.com/support/router-models/download/511/sa-2025-01-vpn-portal-2025-11-06.pdf"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/advantech-webaccess-vpn-sqli-via-ajaxstandalonevpnclientscontroller"
},
{
"tags": [
"product"
],
"url": "https://icr.advantech.com/download/software"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Advantech WebAccess/VPN \u003c 1.1.5 SQL Injection via AjaxStandaloneVpnClientsController.ajaxAction()",
"x_generator": {
"engine": "vulncheck"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2025-34245",
"datePublished": "2025-11-06T19:48:21.189Z",
"dateReserved": "2025-04-15T19:15:22.577Z",
"dateUpdated": "2025-11-17T19:38:11.183Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-34244 (GCVE-0-2025-34244)
Vulnerability from cvelistv5 – Published: 2025-11-06 19:47 – Updated: 2025-11-17 19:38
VLAI?
Title
Advantech WebAccess/VPN < 1.1.5 SQL Injection via AjaxFwRulesController.ajaxDeviceFwRulesAction()
Summary
Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injection vulnerability in AjaxFwRulesController.ajaxDeviceFwRulesAction() that allows an authenticated low-privileged observer user to inject SQL via datatable search parameters, leading to disclosure of database information.
Severity ?
CWE
- CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Advantech | WebAccess/VPN |
Affected:
0 , < 1.1.5
(semver)
|
Credits
Alex Williams from Pellera Technologies
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-34244",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-06T20:06:46.504819Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-06T20:06:52.567Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"AjaxFwRulesController.ajaxDeviceFwRulesAction()"
],
"product": "WebAccess/VPN",
"vendor": "Advantech",
"versions": [
{
"lessThan": "1.1.5",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:advantech:webaccess\\/vpn:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.1.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Alex Williams from Pellera Technologies"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injection vulnerability in\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAjaxFwRulesController.ajaxDeviceFwRulesAction()\u003c/span\u003e\u0026nbsp;that allows an authenticated low-privileged observer user to inject SQL via datatable search parameters, leading to disclosure of database information.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injection vulnerability in\u00a0AjaxFwRulesController.ajaxDeviceFwRulesAction()\u00a0that allows an authenticated low-privileged observer user to inject SQL via datatable search parameters, leading to disclosure of database information."
}
],
"impacts": [
{
"capecId": "CAPEC-66",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-66 SQL Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-17T19:38:11.026Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"tags": [
"vendor-advisory",
"patch"
],
"url": "https://icr.advantech.com/support/router-models/download/511/sa-2025-01-vpn-portal-2025-11-06.pdf"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/advantech-webaccess-vpn-sqli-via-ajaxfwruelscontroller-ajaxdevicefwrulesaction"
},
{
"tags": [
"product"
],
"url": "https://icr.advantech.com/download/software"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Advantech WebAccess/VPN \u003c 1.1.5 SQL Injection via AjaxFwRulesController.ajaxDeviceFwRulesAction()",
"x_generator": {
"engine": "vulncheck"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2025-34244",
"datePublished": "2025-11-06T19:47:41.796Z",
"dateReserved": "2025-04-15T19:15:22.577Z",
"dateUpdated": "2025-11-17T19:38:11.026Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-34243 (GCVE-0-2025-34243)
Vulnerability from cvelistv5 – Published: 2025-11-06 19:47 – Updated: 2025-11-17 19:38
VLAI?
Title
Advantech WebAccess/VPN < 1.1.5 SQL Injection via AjaxFwRulesController.ajaxNetworkFwRulesAction()
Summary
Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injection vulnerability in AjaxFwRulesController.ajaxNetworkFwRulesAction() that allows an authenticated low-privileged observer user to inject SQL via datatable search parameters, leading to disclosure of database information.
Severity ?
CWE
- CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Advantech | WebAccess/VPN |
Affected:
0 , < 1.1.5
(semver)
|
Credits
Alex Williams from Pellera Technologies
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-34243",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-06T20:07:03.277998Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-06T20:07:10.296Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"AjaxFwRulesController.ajaxNetworkFwRulesAction()"
],
"product": "WebAccess/VPN",
"vendor": "Advantech",
"versions": [
{
"lessThan": "1.1.5",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:advantech:webaccess\\/vpn:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.1.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Alex Williams from Pellera Technologies"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injection vulnerability in\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAjaxFwRulesController.ajaxNetworkFwRulesAction()\u003c/span\u003e\u0026nbsp;that allows an authenticated low-privileged observer user to inject SQL via datatable search parameters, leading to disclosure of database information.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injection vulnerability in\u00a0AjaxFwRulesController.ajaxNetworkFwRulesAction()\u00a0that allows an authenticated low-privileged observer user to inject SQL via datatable search parameters, leading to disclosure of database information."
}
],
"impacts": [
{
"capecId": "CAPEC-66",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-66 SQL Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-17T19:38:10.859Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"tags": [
"vendor-advisory",
"patch"
],
"url": "https://icr.advantech.com/support/router-models/download/511/sa-2025-01-vpn-portal-2025-11-06.pdf"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/advantech-webaccess-vpn-sqli-via-ajaxfwrulescontroller-ajaxnetworkfwrulesaction"
},
{
"tags": [
"product"
],
"url": "https://icr.advantech.com/download/software"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Advantech WebAccess/VPN \u003c 1.1.5 SQL Injection via AjaxFwRulesController.ajaxNetworkFwRulesAction()",
"x_generator": {
"engine": "vulncheck"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2025-34243",
"datePublished": "2025-11-06T19:47:04.733Z",
"dateReserved": "2025-04-15T19:15:22.576Z",
"dateUpdated": "2025-11-17T19:38:10.859Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-34242 (GCVE-0-2025-34242)
Vulnerability from cvelistv5 – Published: 2025-11-06 19:46 – Updated: 2025-11-17 19:38
VLAI?
Title
Advantech WebAccess/VPN < 1.1.5 SQL Injection via AjaxNetworkController.ajaxAction()
Summary
Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injection vulnerability in AjaxNetworkController.ajaxAction() that allows an authenticated low-privileged observer user to inject SQL via datatable search parameters, leading to disclosure of database information.
Severity ?
CWE
- CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Advantech | WebAccess/VPN |
Affected:
0 , < 1.1.5
(semver)
|
Credits
Alex Williams from Pellera Technologies
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-34242",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-06T20:07:37.135177Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-06T20:08:14.910Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"AjaxNetworkController.ajaxAction()"
],
"product": "WebAccess/VPN",
"vendor": "Advantech",
"versions": [
{
"lessThan": "1.1.5",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:advantech:webaccess\\/vpn:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.1.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Alex Williams from Pellera Technologies"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injection vulnerability in\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAjaxNetworkController.ajaxAction()\u0026nbsp;that allows an authenticated low-privileged observer user to inject SQL via datatable search parameters, leading to disclosure of database information.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injection vulnerability in\u00a0AjaxNetworkController.ajaxAction()\u00a0that allows an authenticated low-privileged observer user to inject SQL via datatable search parameters, leading to disclosure of database information."
}
],
"impacts": [
{
"capecId": "CAPEC-66",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-66 SQL Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-17T19:38:10.701Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"tags": [
"vendor-advisory",
"patch"
],
"url": "https://icr.advantech.com/support/router-models/download/511/sa-2025-01-vpn-portal-2025-11-06.pdf"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/advantech-webaccess-vpn-sqli-via-ajaxnetworkcontroller"
},
{
"tags": [
"product"
],
"url": "https://icr.advantech.com/download/software"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Advantech WebAccess/VPN \u003c 1.1.5 SQL Injection via AjaxNetworkController.ajaxAction()",
"x_generator": {
"engine": "vulncheck"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2025-34242",
"datePublished": "2025-11-06T19:46:20.183Z",
"dateReserved": "2025-04-15T19:15:22.576Z",
"dateUpdated": "2025-11-17T19:38:10.701Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-34241 (GCVE-0-2025-34241)
Vulnerability from cvelistv5 – Published: 2025-11-06 19:45 – Updated: 2025-11-17 19:38
VLAI?
Title
Advantech WebAccess/VPN < 1.1.5 SQL Injection via AjaxDeviceController.ajaxDeviceAction()
Summary
Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injection vulnerability in AjaxDeviceController.ajaxDeviceAction() that allows an authenticated low-privileged observer user to inject SQL via datatable search parameters, leading to disclosure of database information.
Severity ?
CWE
- CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Advantech | WebAccess/VPN |
Affected:
0 , < 1.1.5
(semver)
|
Credits
Alex Williams from Pellera Technologies
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-34241",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-06T20:08:25.381686Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-06T20:08:33.015Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"AjaxDeviceController.ajaxDeviceAction()"
],
"product": "WebAccess/VPN",
"vendor": "Advantech",
"versions": [
{
"lessThan": "1.1.5",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:advantech:webaccess\\/vpn:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.1.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Alex Williams from Pellera Technologies"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injection vulnerability in\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAjaxDeviceController.ajaxDeviceAction()\u0026nbsp;that allows an authenticated low-privileged observer user to inject SQL via datatable search parameters, leading to disclosure of database information.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injection vulnerability in\u00a0AjaxDeviceController.ajaxDeviceAction()\u00a0that allows an authenticated low-privileged observer user to inject SQL via datatable search parameters, leading to disclosure of database information."
}
],
"impacts": [
{
"capecId": "CAPEC-66",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-66 SQL Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-17T19:38:10.537Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"tags": [
"vendor-advisory",
"patch"
],
"url": "https://icr.advantech.com/support/router-models/download/511/sa-2025-01-vpn-portal-2025-11-06.pdf"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/advantech-webaccess-vpn-sqli-via-ajaxdevicecontroller-ajaxdeviceaction"
},
{
"tags": [
"product"
],
"url": "https://icr.advantech.com/download/software"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Advantech WebAccess/VPN \u003c 1.1.5 SQL Injection via AjaxDeviceController.ajaxDeviceAction()",
"x_generator": {
"engine": "vulncheck"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2025-34241",
"datePublished": "2025-11-06T19:45:39.944Z",
"dateReserved": "2025-04-15T19:15:22.576Z",
"dateUpdated": "2025-11-17T19:38:10.537Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-34240 (GCVE-0-2025-34240)
Vulnerability from cvelistv5 – Published: 2025-11-06 19:45 – Updated: 2025-11-17 19:38
VLAI?
Title
Advantech WebAccess/VPN < 1.1.5 SQL Injection via AppManagementController.appUpgradeAction()
Summary
Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injection vulnerability in AppManagementController.appUpgradeAction() that allows an authenticated low-privileged observer user to inject SQL via datatable search parameters, leading to disclosure of database information.
Severity ?
CWE
- CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Advantech | WebAccess/VPN |
Affected:
0 , < 1.1.5
(semver)
|
Credits
Alex Williams from Pellera Technologies
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-34240",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-06T21:01:32.445865Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-06T21:01:40.174Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"AjaxDeviceController.ajaxActionValidateTable()"
],
"product": "WebAccess/VPN",
"vendor": "Advantech",
"versions": [
{
"lessThan": "1.1.5",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:advantech:webaccess\\/vpn:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.1.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Alex Williams from Pellera Technologies"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injection vulnerability in\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAppManagementController.appUpgradeAction()\u0026nbsp;that allows an authenticated low-privileged observer user to inject SQL via datatable search parameters, leading to disclosure of database information.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injection vulnerability in\u00a0AppManagementController.appUpgradeAction()\u00a0that allows an authenticated low-privileged observer user to inject SQL via datatable search parameters, leading to disclosure of database information."
}
],
"impacts": [
{
"capecId": "CAPEC-66",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-66 SQL Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-17T19:38:10.379Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"tags": [
"vendor-advisory",
"patch"
],
"url": "https://icr.advantech.com/support/router-models/download/511/sa-2025-01-vpn-portal-2025-11-06.pdf"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/advantech-webaccess-vpn-sqli-via-appmanagementcontroller-appupgradeaction"
},
{
"tags": [
"product"
],
"url": "https://icr.advantech.com/download/software"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Advantech WebAccess/VPN \u003c 1.1.5 SQL Injection via AppManagementController.appUpgradeAction()",
"x_generator": {
"engine": "vulncheck"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2025-34240",
"datePublished": "2025-11-06T19:45:02.692Z",
"dateReserved": "2025-04-15T19:15:22.575Z",
"dateUpdated": "2025-11-17T19:38:10.379Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-34239 (GCVE-0-2025-34239)
Vulnerability from cvelistv5 – Published: 2025-11-06 19:44 – Updated: 2025-11-17 19:38
VLAI?
Title
Advantech WebAccess/VPN < 1.1.5 Command Injection in AppManagementController.appUpgradeAction()
Summary
Advantech WebAccess/VPN versions prior to 1.1.5 contain a command injection vulnerability in AppManagementController.appUpgradeAction() that allows an authenticated system administrator to execute arbitrary commands as the web server user (www-data) by supplying a crafted uploaded filename.
Severity ?
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Advantech | WebAccess/VPN |
Affected:
0 , < 1.1.5
(semver)
|
Credits
Alex Williams from Pellera Technologies
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-34239",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-06T20:58:31.322177Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-06T20:58:37.711Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"AppManagementController.appUpgradeAction()"
],
"product": "WebAccess/VPN",
"vendor": "Advantech",
"versions": [
{
"lessThan": "1.1.5",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:advantech:webaccess\\/vpn:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.1.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Alex Williams from Pellera Technologies"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Advantech WebAccess/VPN versions prior to 1.1.5 contain a command injection vulnerability in\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAppManagementController.appUpgradeAction()\u0026nbsp;that allows an authenticated system administrator to execute arbitrary commands as the web server user (www-data) by supplying a crafted uploaded filename.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Advantech WebAccess/VPN versions prior to 1.1.5 contain a command injection vulnerability in\u00a0AppManagementController.appUpgradeAction()\u00a0that allows an authenticated system administrator to execute arbitrary commands as the web server user (www-data) by supplying a crafted uploaded filename."
}
],
"impacts": [
{
"capecId": "CAPEC-88",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-88 OS Command Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-17T19:38:10.205Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"tags": [
"vendor-advisory",
"patch"
],
"url": "https://icr.advantech.com/support/router-models/download/511/sa-2025-01-vpn-portal-2025-11-06.pdf"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/advantech-webaccess-vpn-command-injection-in-appmanagementcontroller"
},
{
"tags": [
"product"
],
"url": "https://icr.advantech.com/download/software"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Advantech WebAccess/VPN \u003c 1.1.5 Command Injection in AppManagementController.appUpgradeAction()",
"x_generator": {
"engine": "vulncheck"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2025-34239",
"datePublished": "2025-11-06T19:44:18.796Z",
"dateReserved": "2025-04-15T19:15:22.575Z",
"dateUpdated": "2025-11-17T19:38:10.205Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-34247 (GCVE-0-2025-34247)
Vulnerability from nvd – Published: 2025-11-06 19:49 – Updated: 2025-11-17 19:38
VLAI?
Title
Advantech WebAccess/VPN < 1.1.5 SQL Injection via NetworksController.addNetworkAction()
Summary
Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injection vulnerability in NetworksController.addNetworkAction() that allows an authenticated low-privileged observer user to inject SQL via datatable search parameters, leading to disclosure of database information.
Severity ?
CWE
- CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Advantech | WebAccess/VPN |
Affected:
0 , < 1.1.5
(semver)
|
Credits
Alex Williams from Pellera Technologies
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-34247",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-06T20:05:43.891584Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-06T20:05:51.848Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"NetworksController.addNetworkAction()"
],
"product": "WebAccess/VPN",
"vendor": "Advantech",
"versions": [
{
"lessThan": "1.1.5",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:advantech:webaccess\\/vpn:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.1.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Alex Williams from Pellera Technologies"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injection vulnerability in\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eNetworksController.addNetworkAction()\u003c/span\u003e\u0026nbsp;that allows an authenticated low-privileged observer user to inject SQL via datatable search parameters, leading to disclosure of database information.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injection vulnerability in\u00a0NetworksController.addNetworkAction()\u00a0that allows an authenticated low-privileged observer user to inject SQL via datatable search parameters, leading to disclosure of database information."
}
],
"impacts": [
{
"capecId": "CAPEC-66",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-66 SQL Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-17T19:38:11.514Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"tags": [
"vendor-advisory",
"patch"
],
"url": "https://icr.advantech.com/support/router-models/download/511/sa-2025-01-vpn-portal-2025-11-06.pdf"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/advantech-webaccess-vpn-sqli-via-networkscontroller"
},
{
"tags": [
"product"
],
"url": "https://icr.advantech.com/download/software"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Advantech WebAccess/VPN \u003c 1.1.5 SQL Injection via NetworksController.addNetworkAction()",
"x_generator": {
"engine": "vulncheck"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2025-34247",
"datePublished": "2025-11-06T19:49:37.330Z",
"dateReserved": "2025-04-15T19:15:22.577Z",
"dateUpdated": "2025-11-17T19:38:11.514Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-34246 (GCVE-0-2025-34246)
Vulnerability from nvd – Published: 2025-11-06 19:49 – Updated: 2025-11-17 19:38
VLAI?
Title
Advantech WebAccess/VPN < 1.1.5 SQL Injection via AjaxPrevalidationController.ajaxAction()
Summary
Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injection vulnerability in AjaxPrevalidationController.ajaxAction() that allows an authenticated low-privileged observer user to inject SQL via datatable search parameters, leading to disclosure of database information.
Severity ?
CWE
- CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Advantech | WebAccess/VPN |
Affected:
0 , < 1.1.5
(semver)
|
Credits
Alex Williams from Pellera Technologies
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-34246",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-06T20:06:03.239793Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-06T20:06:14.132Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"AjaxPrevalidationController.ajaxAction()"
],
"product": "WebAccess/VPN",
"vendor": "Advantech",
"versions": [
{
"lessThan": "1.1.5",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:advantech:webaccess\\/vpn:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.1.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Alex Williams from Pellera Technologies"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injection vulnerability in\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAjaxPrevalidationController.ajaxAction()\u003c/span\u003e\u0026nbsp;that allows an authenticated low-privileged observer user to inject SQL via datatable search parameters, leading to disclosure of database information.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injection vulnerability in\u00a0AjaxPrevalidationController.ajaxAction()\u00a0that allows an authenticated low-privileged observer user to inject SQL via datatable search parameters, leading to disclosure of database information."
}
],
"impacts": [
{
"capecId": "CAPEC-66",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-66 SQL Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-17T19:38:11.350Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"tags": [
"vendor-advisory",
"patch"
],
"url": "https://icr.advantech.com/support/router-models/download/511/sa-2025-01-vpn-portal-2025-11-06.pdf"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/advantech-webaccess-vpn-sqli-via-ajaxprevalidationcontroller"
},
{
"tags": [
"product"
],
"url": "https://icr.advantech.com/download/software"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Advantech WebAccess/VPN \u003c 1.1.5 SQL Injection via AjaxPrevalidationController.ajaxAction()",
"x_generator": {
"engine": "vulncheck"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2025-34246",
"datePublished": "2025-11-06T19:49:01.611Z",
"dateReserved": "2025-04-15T19:15:22.577Z",
"dateUpdated": "2025-11-17T19:38:11.350Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-34245 (GCVE-0-2025-34245)
Vulnerability from nvd – Published: 2025-11-06 19:48 – Updated: 2025-11-17 19:38
VLAI?
Title
Advantech WebAccess/VPN < 1.1.5 SQL Injection via AjaxStandaloneVpnClientsController.ajaxAction()
Summary
Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injection vulnerability in AjaxStandaloneVpnClientsController.ajaxAction() that allows an authenticated low-privileged observer user to inject SQL via datatable search parameters, leading to disclosure of database information.
Severity ?
CWE
- CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Advantech | WebAccess/VPN |
Affected:
0 , < 1.1.5
(semver)
|
Credits
Alex Williams from Pellera Technologies
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-34245",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-06T20:06:23.374316Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-06T20:06:33.433Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"AjaxStandaloneVpnClientsController.ajaxAction()"
],
"product": "WebAccess/VPN",
"vendor": "Advantech",
"versions": [
{
"lessThan": "1.1.5",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:advantech:webaccess\\/vpn:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.1.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Alex Williams from Pellera Technologies"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injection vulnerability in\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAjaxStandaloneVpnClientsController.ajaxAction()\u003c/span\u003e\u0026nbsp;that allows an authenticated low-privileged observer user to inject SQL via datatable search parameters, leading to disclosure of database information.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injection vulnerability in\u00a0AjaxStandaloneVpnClientsController.ajaxAction()\u00a0that allows an authenticated low-privileged observer user to inject SQL via datatable search parameters, leading to disclosure of database information."
}
],
"impacts": [
{
"capecId": "CAPEC-66",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-66 SQL Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-17T19:38:11.183Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"tags": [
"vendor-advisory",
"patch"
],
"url": "https://icr.advantech.com/support/router-models/download/511/sa-2025-01-vpn-portal-2025-11-06.pdf"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/advantech-webaccess-vpn-sqli-via-ajaxstandalonevpnclientscontroller"
},
{
"tags": [
"product"
],
"url": "https://icr.advantech.com/download/software"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Advantech WebAccess/VPN \u003c 1.1.5 SQL Injection via AjaxStandaloneVpnClientsController.ajaxAction()",
"x_generator": {
"engine": "vulncheck"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2025-34245",
"datePublished": "2025-11-06T19:48:21.189Z",
"dateReserved": "2025-04-15T19:15:22.577Z",
"dateUpdated": "2025-11-17T19:38:11.183Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-34244 (GCVE-0-2025-34244)
Vulnerability from nvd – Published: 2025-11-06 19:47 – Updated: 2025-11-17 19:38
VLAI?
Title
Advantech WebAccess/VPN < 1.1.5 SQL Injection via AjaxFwRulesController.ajaxDeviceFwRulesAction()
Summary
Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injection vulnerability in AjaxFwRulesController.ajaxDeviceFwRulesAction() that allows an authenticated low-privileged observer user to inject SQL via datatable search parameters, leading to disclosure of database information.
Severity ?
CWE
- CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Advantech | WebAccess/VPN |
Affected:
0 , < 1.1.5
(semver)
|
Credits
Alex Williams from Pellera Technologies
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-34244",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-06T20:06:46.504819Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-06T20:06:52.567Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"AjaxFwRulesController.ajaxDeviceFwRulesAction()"
],
"product": "WebAccess/VPN",
"vendor": "Advantech",
"versions": [
{
"lessThan": "1.1.5",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:advantech:webaccess\\/vpn:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.1.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Alex Williams from Pellera Technologies"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injection vulnerability in\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAjaxFwRulesController.ajaxDeviceFwRulesAction()\u003c/span\u003e\u0026nbsp;that allows an authenticated low-privileged observer user to inject SQL via datatable search parameters, leading to disclosure of database information.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injection vulnerability in\u00a0AjaxFwRulesController.ajaxDeviceFwRulesAction()\u00a0that allows an authenticated low-privileged observer user to inject SQL via datatable search parameters, leading to disclosure of database information."
}
],
"impacts": [
{
"capecId": "CAPEC-66",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-66 SQL Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-17T19:38:11.026Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"tags": [
"vendor-advisory",
"patch"
],
"url": "https://icr.advantech.com/support/router-models/download/511/sa-2025-01-vpn-portal-2025-11-06.pdf"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/advantech-webaccess-vpn-sqli-via-ajaxfwruelscontroller-ajaxdevicefwrulesaction"
},
{
"tags": [
"product"
],
"url": "https://icr.advantech.com/download/software"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Advantech WebAccess/VPN \u003c 1.1.5 SQL Injection via AjaxFwRulesController.ajaxDeviceFwRulesAction()",
"x_generator": {
"engine": "vulncheck"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2025-34244",
"datePublished": "2025-11-06T19:47:41.796Z",
"dateReserved": "2025-04-15T19:15:22.577Z",
"dateUpdated": "2025-11-17T19:38:11.026Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-34243 (GCVE-0-2025-34243)
Vulnerability from nvd – Published: 2025-11-06 19:47 – Updated: 2025-11-17 19:38
VLAI?
Title
Advantech WebAccess/VPN < 1.1.5 SQL Injection via AjaxFwRulesController.ajaxNetworkFwRulesAction()
Summary
Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injection vulnerability in AjaxFwRulesController.ajaxNetworkFwRulesAction() that allows an authenticated low-privileged observer user to inject SQL via datatable search parameters, leading to disclosure of database information.
Severity ?
CWE
- CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Advantech | WebAccess/VPN |
Affected:
0 , < 1.1.5
(semver)
|
Credits
Alex Williams from Pellera Technologies
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-34243",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-06T20:07:03.277998Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-06T20:07:10.296Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"AjaxFwRulesController.ajaxNetworkFwRulesAction()"
],
"product": "WebAccess/VPN",
"vendor": "Advantech",
"versions": [
{
"lessThan": "1.1.5",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:advantech:webaccess\\/vpn:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.1.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Alex Williams from Pellera Technologies"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injection vulnerability in\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAjaxFwRulesController.ajaxNetworkFwRulesAction()\u003c/span\u003e\u0026nbsp;that allows an authenticated low-privileged observer user to inject SQL via datatable search parameters, leading to disclosure of database information.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injection vulnerability in\u00a0AjaxFwRulesController.ajaxNetworkFwRulesAction()\u00a0that allows an authenticated low-privileged observer user to inject SQL via datatable search parameters, leading to disclosure of database information."
}
],
"impacts": [
{
"capecId": "CAPEC-66",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-66 SQL Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-17T19:38:10.859Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"tags": [
"vendor-advisory",
"patch"
],
"url": "https://icr.advantech.com/support/router-models/download/511/sa-2025-01-vpn-portal-2025-11-06.pdf"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/advantech-webaccess-vpn-sqli-via-ajaxfwrulescontroller-ajaxnetworkfwrulesaction"
},
{
"tags": [
"product"
],
"url": "https://icr.advantech.com/download/software"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Advantech WebAccess/VPN \u003c 1.1.5 SQL Injection via AjaxFwRulesController.ajaxNetworkFwRulesAction()",
"x_generator": {
"engine": "vulncheck"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2025-34243",
"datePublished": "2025-11-06T19:47:04.733Z",
"dateReserved": "2025-04-15T19:15:22.576Z",
"dateUpdated": "2025-11-17T19:38:10.859Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-34242 (GCVE-0-2025-34242)
Vulnerability from nvd – Published: 2025-11-06 19:46 – Updated: 2025-11-17 19:38
VLAI?
Title
Advantech WebAccess/VPN < 1.1.5 SQL Injection via AjaxNetworkController.ajaxAction()
Summary
Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injection vulnerability in AjaxNetworkController.ajaxAction() that allows an authenticated low-privileged observer user to inject SQL via datatable search parameters, leading to disclosure of database information.
Severity ?
CWE
- CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Advantech | WebAccess/VPN |
Affected:
0 , < 1.1.5
(semver)
|
Credits
Alex Williams from Pellera Technologies
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-34242",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-06T20:07:37.135177Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-06T20:08:14.910Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"AjaxNetworkController.ajaxAction()"
],
"product": "WebAccess/VPN",
"vendor": "Advantech",
"versions": [
{
"lessThan": "1.1.5",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:advantech:webaccess\\/vpn:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.1.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Alex Williams from Pellera Technologies"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injection vulnerability in\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAjaxNetworkController.ajaxAction()\u0026nbsp;that allows an authenticated low-privileged observer user to inject SQL via datatable search parameters, leading to disclosure of database information.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injection vulnerability in\u00a0AjaxNetworkController.ajaxAction()\u00a0that allows an authenticated low-privileged observer user to inject SQL via datatable search parameters, leading to disclosure of database information."
}
],
"impacts": [
{
"capecId": "CAPEC-66",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-66 SQL Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-17T19:38:10.701Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"tags": [
"vendor-advisory",
"patch"
],
"url": "https://icr.advantech.com/support/router-models/download/511/sa-2025-01-vpn-portal-2025-11-06.pdf"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/advantech-webaccess-vpn-sqli-via-ajaxnetworkcontroller"
},
{
"tags": [
"product"
],
"url": "https://icr.advantech.com/download/software"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Advantech WebAccess/VPN \u003c 1.1.5 SQL Injection via AjaxNetworkController.ajaxAction()",
"x_generator": {
"engine": "vulncheck"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2025-34242",
"datePublished": "2025-11-06T19:46:20.183Z",
"dateReserved": "2025-04-15T19:15:22.576Z",
"dateUpdated": "2025-11-17T19:38:10.701Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-34241 (GCVE-0-2025-34241)
Vulnerability from nvd – Published: 2025-11-06 19:45 – Updated: 2025-11-17 19:38
VLAI?
Title
Advantech WebAccess/VPN < 1.1.5 SQL Injection via AjaxDeviceController.ajaxDeviceAction()
Summary
Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injection vulnerability in AjaxDeviceController.ajaxDeviceAction() that allows an authenticated low-privileged observer user to inject SQL via datatable search parameters, leading to disclosure of database information.
Severity ?
CWE
- CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Advantech | WebAccess/VPN |
Affected:
0 , < 1.1.5
(semver)
|
Credits
Alex Williams from Pellera Technologies
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-34241",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-06T20:08:25.381686Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-06T20:08:33.015Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"AjaxDeviceController.ajaxDeviceAction()"
],
"product": "WebAccess/VPN",
"vendor": "Advantech",
"versions": [
{
"lessThan": "1.1.5",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:advantech:webaccess\\/vpn:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.1.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Alex Williams from Pellera Technologies"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injection vulnerability in\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAjaxDeviceController.ajaxDeviceAction()\u0026nbsp;that allows an authenticated low-privileged observer user to inject SQL via datatable search parameters, leading to disclosure of database information.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injection vulnerability in\u00a0AjaxDeviceController.ajaxDeviceAction()\u00a0that allows an authenticated low-privileged observer user to inject SQL via datatable search parameters, leading to disclosure of database information."
}
],
"impacts": [
{
"capecId": "CAPEC-66",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-66 SQL Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-17T19:38:10.537Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"tags": [
"vendor-advisory",
"patch"
],
"url": "https://icr.advantech.com/support/router-models/download/511/sa-2025-01-vpn-portal-2025-11-06.pdf"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/advantech-webaccess-vpn-sqli-via-ajaxdevicecontroller-ajaxdeviceaction"
},
{
"tags": [
"product"
],
"url": "https://icr.advantech.com/download/software"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Advantech WebAccess/VPN \u003c 1.1.5 SQL Injection via AjaxDeviceController.ajaxDeviceAction()",
"x_generator": {
"engine": "vulncheck"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2025-34241",
"datePublished": "2025-11-06T19:45:39.944Z",
"dateReserved": "2025-04-15T19:15:22.576Z",
"dateUpdated": "2025-11-17T19:38:10.537Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-34240 (GCVE-0-2025-34240)
Vulnerability from nvd – Published: 2025-11-06 19:45 – Updated: 2025-11-17 19:38
VLAI?
Title
Advantech WebAccess/VPN < 1.1.5 SQL Injection via AppManagementController.appUpgradeAction()
Summary
Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injection vulnerability in AppManagementController.appUpgradeAction() that allows an authenticated low-privileged observer user to inject SQL via datatable search parameters, leading to disclosure of database information.
Severity ?
CWE
- CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Advantech | WebAccess/VPN |
Affected:
0 , < 1.1.5
(semver)
|
Credits
Alex Williams from Pellera Technologies
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-34240",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-06T21:01:32.445865Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-06T21:01:40.174Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"AjaxDeviceController.ajaxActionValidateTable()"
],
"product": "WebAccess/VPN",
"vendor": "Advantech",
"versions": [
{
"lessThan": "1.1.5",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:advantech:webaccess\\/vpn:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.1.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Alex Williams from Pellera Technologies"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injection vulnerability in\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAppManagementController.appUpgradeAction()\u0026nbsp;that allows an authenticated low-privileged observer user to inject SQL via datatable search parameters, leading to disclosure of database information.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injection vulnerability in\u00a0AppManagementController.appUpgradeAction()\u00a0that allows an authenticated low-privileged observer user to inject SQL via datatable search parameters, leading to disclosure of database information."
}
],
"impacts": [
{
"capecId": "CAPEC-66",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-66 SQL Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-17T19:38:10.379Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"tags": [
"vendor-advisory",
"patch"
],
"url": "https://icr.advantech.com/support/router-models/download/511/sa-2025-01-vpn-portal-2025-11-06.pdf"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/advantech-webaccess-vpn-sqli-via-appmanagementcontroller-appupgradeaction"
},
{
"tags": [
"product"
],
"url": "https://icr.advantech.com/download/software"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Advantech WebAccess/VPN \u003c 1.1.5 SQL Injection via AppManagementController.appUpgradeAction()",
"x_generator": {
"engine": "vulncheck"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2025-34240",
"datePublished": "2025-11-06T19:45:02.692Z",
"dateReserved": "2025-04-15T19:15:22.575Z",
"dateUpdated": "2025-11-17T19:38:10.379Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-34239 (GCVE-0-2025-34239)
Vulnerability from nvd – Published: 2025-11-06 19:44 – Updated: 2025-11-17 19:38
VLAI?
Title
Advantech WebAccess/VPN < 1.1.5 Command Injection in AppManagementController.appUpgradeAction()
Summary
Advantech WebAccess/VPN versions prior to 1.1.5 contain a command injection vulnerability in AppManagementController.appUpgradeAction() that allows an authenticated system administrator to execute arbitrary commands as the web server user (www-data) by supplying a crafted uploaded filename.
Severity ?
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Advantech | WebAccess/VPN |
Affected:
0 , < 1.1.5
(semver)
|
Credits
Alex Williams from Pellera Technologies
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-34239",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-06T20:58:31.322177Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-06T20:58:37.711Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"AppManagementController.appUpgradeAction()"
],
"product": "WebAccess/VPN",
"vendor": "Advantech",
"versions": [
{
"lessThan": "1.1.5",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:advantech:webaccess\\/vpn:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.1.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Alex Williams from Pellera Technologies"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Advantech WebAccess/VPN versions prior to 1.1.5 contain a command injection vulnerability in\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAppManagementController.appUpgradeAction()\u0026nbsp;that allows an authenticated system administrator to execute arbitrary commands as the web server user (www-data) by supplying a crafted uploaded filename.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Advantech WebAccess/VPN versions prior to 1.1.5 contain a command injection vulnerability in\u00a0AppManagementController.appUpgradeAction()\u00a0that allows an authenticated system administrator to execute arbitrary commands as the web server user (www-data) by supplying a crafted uploaded filename."
}
],
"impacts": [
{
"capecId": "CAPEC-88",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-88 OS Command Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-17T19:38:10.205Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"tags": [
"vendor-advisory",
"patch"
],
"url": "https://icr.advantech.com/support/router-models/download/511/sa-2025-01-vpn-portal-2025-11-06.pdf"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/advantech-webaccess-vpn-command-injection-in-appmanagementcontroller"
},
{
"tags": [
"product"
],
"url": "https://icr.advantech.com/download/software"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Advantech WebAccess/VPN \u003c 1.1.5 Command Injection in AppManagementController.appUpgradeAction()",
"x_generator": {
"engine": "vulncheck"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2025-34239",
"datePublished": "2025-11-06T19:44:18.796Z",
"dateReserved": "2025-04-15T19:15:22.575Z",
"dateUpdated": "2025-11-17T19:38:10.205Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}