Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2019-3953

EPSS 5.67% · P90
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2019-3953

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Stack-based buffer overflow in Advantech WebAccess/SCADA 8.4.0 allows a remote, unauthenticated attacker to execute arbitrary code by sending a crafted IOCTL 10012 RPC call.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Advantech WebAccess/SCADA 缓冲区错误漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Advantech WebAccess/SCADA是中国台湾研华(Advantech)公司的一套基于浏览器架构的SCADA软件。该软件支持动态图形显示和实时数据控制,并提供远程控制和管理自动化设备的功能。 Advantech WebAccess/SCADA 8.4.0版本中存在基于栈的缓冲区溢出漏洞。该漏洞源于网络系统或产品在内存上执行操作时,未正确验证数据边界,导致向关联的其他内存位置上执行了错误的读写操作。攻击者可利用该漏洞导致缓冲区溢出或堆溢出等。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
-Advantech WebAccess/SCADA 8.4.0 -

II. Public POCs for CVE-2019-3953

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2019-3953

登录查看更多情报信息。

Same Patch Batch · n/a · 2019-06-18 · 39 CVEs total

CVE-2019-12872dotCMS SQL注入漏洞
CVE-2018-18837Netdata Web application 注入漏洞
CVE-2018-18838Netdata Web application 注入漏洞
CVE-2018-18839Netdata Web application 信息泄露漏洞
CVE-2018-18852CERIO DT-300N 操作系统命令注入漏洞
CVE-2018-18875Columbia Weather Systems Weather MicroServer 跨站脚本漏洞
CVE-2018-18876Columbia Weather Systems Weather MicroServer 路径遍历漏洞
CVE-2018-18877Columbia Weather Systems Weather MicroServer 授权问题漏洞
CVE-2018-18878Columbia Weather Systems Weather MicroServer 输入验证错误漏洞
CVE-2018-18879Columbia Weather Systems Weather MicroServer 代码注入漏洞
CVE-2018-18836Netdata Web application 代码注入漏洞
CVE-2018-18880Columbia Weather Systems Weather MicroServer 跨站脚本漏洞
CVE-2018-18886Helpy 跨站脚本漏洞
CVE-2018-18944Artha 缓冲区错误漏洞
CVE-2018-20013UrBackup 输入验证错误漏洞
CVE-2019-6965Synetics i-doit 跨站脚本漏洞
CVE-2019-7159Open-Xchange OX App Suite 信息泄露漏洞
CVE-2019-10998Phoenix Contact PLCNext AXC F 2152 授权问题漏洞
CVE-2019-12823Pixel&tonic Craft CMS 跨站脚本漏洞
CVE-2017-8331Securifi Almond 命令注入漏洞

Showing top 20 of 39 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: Advantech WebAccess/SCADA
Same vendor: n/a

V. Comments for CVE-2019-3953

No comments yet

Leave a comment