Search
Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-27437 | 1 Advantech | 1 Wise-paas\/rmm | 2021-05-19 | 6.4 MEDIUM | 9.1 CRITICAL |
| The affected product allows attackers to obtain sensitive information from the WISE-PaaS dashboard. The system contains a hard-coded administrator username and password that can be used to query Grafana APIs. Authentication is not required for exploitation on the WISE-PaaS/RMM (versions prior to 9.0.1). | |||||
| CVE-2019-13547 | 1 Advantech | 1 Wise-paas\/rmm | 2021-05-13 | 10.0 HIGH | 9.8 CRITICAL |
| Advantech WISE-PaaS/RMM, Versions 3.3.29 and prior. There is an unsecured function that allows anyone who can access the IP address to use the function without authentication. | |||||
| CVE-2019-13551 | 1 Advantech | 1 Wise-paas\/rmm | 2021-05-13 | 10.0 HIGH | 9.8 CRITICAL |
| Advantech WISE-PaaS/RMM, Versions 3.3.29 and prior. Path traversal vulnerabilities are caused by a lack of proper validation of a user-supplied path prior to use in file operations. An attacker can leverage these vulnerabilities to remotely execute code while posing as an administrator. | |||||