VYPR

WISE-PaaS/RMM

by Advantech

CVEs (4)

  • CVE-2019-18229Oct 31, 2019
    risk 0.00cvss epss 0.02

    Advantech WISE-PaaS/RMM, Versions 3.3.29 and prior. Lack of sanitization of user-supplied input cause SQL injection vulnerabilities. An attacker can leverage these vulnerabilities to disclose information.

  • CVE-2019-18227Oct 31, 2019
    risk 0.00cvss epss 0.03

    Advantech WISE-PaaS/RMM, Versions 3.3.29 and prior. XXE vulnerabilities exist that may allow disclosure of sensitive data.

  • CVE-2019-13547Oct 31, 2019
    risk 0.00cvss epss 0.03

    Advantech WISE-PaaS/RMM, Versions 3.3.29 and prior. There is an unsecured function that allows anyone who can access the IP address to use the function without authentication.

  • CVE-2019-13551Oct 31, 2019
    risk 0.00cvss epss 0.05

    Advantech WISE-PaaS/RMM, Versions 3.3.29 and prior. Path traversal vulnerabilities are caused by a lack of proper validation of a user-supplied path prior to use in file operations. An attacker can leverage these vulnerabilities to remotely execute code while posing as an…