CNNVD-202511-507 Information
CNNVD ID
CNNVD-202511-507
Related CVE
- CNNVD Published: 2025-11-06
Description (Chinese)
Advantech WebAccess/VPN是中国台湾研华(Advantech)公司的一款高级网络安全平台。 Advantech WebAccess/VPN 1.1.5之前版本存在安全漏洞,该漏洞源于NetworksController.addNetworkAction对用户输入验证不足,可能导致存储型跨站脚本攻击。
Description (English)
Advantech WebAccess/VPN is a high-level network security platform for the company Advantech. There was a security loophole in the pre-Advantech WebAccess/VPN 1.1.5 version, which originated from the inadequate user input verification of NetworksController.addNetworkaction, which could lead to a storage-type cross-site script attack.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
研华
Published
2025-11-06
Last Modified
2026-02-24
References
https://icr.advantech.com/download/software https://icr.advantech.com/support/router-models/download/511/sa-2025-01-vpn-portal-2025-11-06.pdf https://www.vulncheck.com/advisories/advantech-webaccess-vpn-stored-xss-via-networkcontroller
Patch
https://icr.advantech.com/download/software
Share on: