CVE-2025-48469

Critical CVSS: 9.6

Successful exploitation of the vulnerability could allow an unauthenticated attacker to upload firmware through a public update page, potentially leading to backdoor installation or privilege escalation.

Vendor

Advantech

Product

Wise-4060lan Firmware

CWE

CWE-306

Yayın Tarihi

2025-06-24 03:15:34

Güncelleme

2025-07-09 15:21:28

Source Identifier

5f57b9bf-260d-4433-bf07-b6a79e9bb7d4

KEV Date Added

Kategoriler

CWE-306 Wise-4060lan Firmware CRITICAL Advantech 2025

Referanslar

https://jro.sg/CVEs/CVE-2025-48469/ https://www.csa.gov.sg/alerts-and-advisories/alerts/al-2025-061/

Benzer Kayıtlar

Critical

CVE-2025-52694

Successful exploitation of the SQL injection vulnerability could allow an unauthenticated remote attacker to execute arb…

Medium

CVE-2025-67653

Advantech WebAccess/SCADA is vulnerable to directory traversal, which may allow an attacker to determine the existence o…

Medium

CVE-2025-46268

Advantech WebAccess/SCADA is vulnerable to SQL injection, which may allow an attacker to execute arbitrary SQL commands…

Medium

CVE-2025-14848

Advantech WebAccess/SCADA is vulnerable to absolute directory traversal, which may allow an attacker to determine the ex…

High

CVE-2025-14849

Advantech WebAccess/SCADA is vulnerable to unrestricted file upload, which may allow an attacker to remotely execute ar…

High

CVE-2025-14850

Advantech WebAccess/SCADA is vulnerable to directory traversal, which may allow an attacker to delete arbitrary files.