CVE-2025-48463

Low CVSS: 3.1

Successful exploitation of the vulnerability could allow an attacker to intercept data and conduct session hijacking on the exposed data as the vulnerable product uses unencrypted HTTP communication, potentially leading to unauthorised access or data tampering.

Vendor

Advantech

Product

Wise-4060lan Firmware

CWE

CWE-312

Yayın Tarihi

2025-06-24 03:15:33

Güncelleme

2025-07-09 15:03:14

Source Identifier

5f57b9bf-260d-4433-bf07-b6a79e9bb7d4

KEV Date Added

Kategoriler

CWE-312 Wise-4060lan Firmware LOW Advantech 2025

Referanslar

https://www.csa.gov.sg/alerts-and-advisories/alerts/al-2025-061

Benzer Kayıtlar

Critical

CVE-2025-52694

Successful exploitation of the SQL injection vulnerability could allow an unauthenticated remote attacker to execute arb…

Medium

CVE-2025-67653

Advantech WebAccess/SCADA is vulnerable to directory traversal, which may allow an attacker to determine the existence o…

Medium

CVE-2025-46268

Advantech WebAccess/SCADA is vulnerable to SQL injection, which may allow an attacker to execute arbitrary SQL commands…

Medium

CVE-2025-14848

Advantech WebAccess/SCADA is vulnerable to absolute directory traversal, which may allow an attacker to determine the ex…

High

CVE-2025-14849

Advantech WebAccess/SCADA is vulnerable to unrestricted file upload, which may allow an attacker to remotely execute ar…

High

CVE-2025-14850

Advantech WebAccess/SCADA is vulnerable to directory traversal, which may allow an attacker to delete arbitrary files.