Filtered by vendor Advantech
Subscriptions
Filtered by product Deviceon\/iedge
Subscriptions
Total
5 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-58423 | 1 Advantech | 2 Deviceon/iedge, Deviceon\/iedge | 2025-11-21 | 8.8 High |
| Due to insufficient sanitization, an attacker can upload a specially crafted configuration file to cause a denial-of-service condition, traverse directories, or read/write files, within the context of the local system account. | ||||
| CVE-2025-64302 | 1 Advantech | 2 Deviceon/iedge, Deviceon\/iedge | 2025-11-19 | 6.4 Medium |
| Insufficient input sanitization in the dashboard label or path can allow an attacker to trigger a device error causing information disclosure or data manipulation. | ||||
| CVE-2025-62630 | 1 Advantech | 2 Deviceon/iedge, Deviceon\/iedge | 2025-11-19 | 8.8 High |
| Due to insufficient sanitization, an attacker can upload a specially crafted configuration file to traverse directories and achieve remote code execution with system-level permissions. | ||||
| CVE-2025-59171 | 1 Advantech | 2 Deviceon/iedge, Deviceon\/iedge | 2025-11-19 | 7.5 High |
| Due to insufficient sanitization, an attacker can upload a specially crafted configuration file to traverse directories and achieve remote code execution with system-level permissions. | ||||
| CVE-2021-40389 | 1 Advantech | 1 Deviceon\/iedge | 2025-04-15 | 8.8 High |
| A privilege escalation vulnerability exists in the installation of Advantech DeviceOn/iEdge Server 1.0.2. A specially-crafted file can be replaced in the system to escalate privileges to NT SYSTEM authority. An attacker can provide a malicious file to trigger this vulnerability. | ||||
Page 1 of 1.