GCVE - cpe:2.3:a:advantech:r-seenet:2.4.12:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:advantech:r-seenet:2.4.12:*:*:*:*:*:*:*

part: a version: 2.4.12 update: *

Vendor	Advantech (`fedf766b-bee1-5692-bcc7-1aa8d9dc594c`)
Product	R Seenet (`907da83d-2b9a-5a36-a81c-2f713ff81b20`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2021-21805`	vulnerable	2026-06-03 14:43:46.022317	Details available CRITICAL (9.8) An OS Command Injection vulnerability exists in the ping.php script functionality of Advantech R-SeeNet v 2.4.12 (20.10.2020). A specially crafted HTTP request can lead to arbitrary OS command execution. An attacker can send a crafted HTTP request to trigger this vulnerability. Published: 2021-08-05T20:03:59.000Z Updated: 2024-08-03T18:23:29.592Z Open on db.gcve.eu Reference links https://talosintelligence.com/vulnerability_reports/TALOS-2021-1274	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2021-21804`	vulnerable	2026-06-03 14:43:46.021953	Details available HIGH (8.1) A local file inclusion (LFI) vulnerability exists in the options.php script functionality of Advantech R-SeeNet v 2.4.12 (20.10.2020). A specially crafted HTTP request can lead to arbitrary PHP code execution. An attacker can send a crafted HTTP request to trigger this vulnerability. Published: 2021-07-16T10:34:02.000Z Updated: 2024-08-03T18:23:29.514Z Open on db.gcve.eu Reference links https://talosintelligence.com/vulnerability_reports/TALOS-2021-1273	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2021-21803`	vulnerable	2026-06-03 14:43:46.021613	Details available CRITICAL (9.6) This vulnerability is present in device_graph_page.php script, which is a part of the Advantech R-SeeNet web applications. A specially crafted URL by an attacker and visited by a victim can lead to arbitrary JavaScript code execution. Published: 2021-07-16T10:37:30.000Z Updated: 2024-08-03T18:23:29.560Z Open on db.gcve.eu Reference links https://talosintelligence.com/vulnerability_reports/TALOS-2021-1272	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2021-21802`	vulnerable	2026-06-03 14:43:46.021317	Details available CRITICAL (9.6) This vulnerability is present in device_graph_page.php script, which is a part of the Advantech R-SeeNet web applications. A specially crafted URL by an attacker and visited by a victim can lead to arbitrary JavaScript code execution. Published: 2021-07-16T10:37:19.000Z Updated: 2024-08-03T18:23:29.529Z Open on db.gcve.eu Reference links https://talosintelligence.com/vulnerability_reports/TALOS-2021-1272	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2021-21801`	vulnerable	2026-06-03 14:43:46.020993	Details available CRITICAL (9.6) This vulnerability is present in device_graph_page.php script, which is a part of the Advantech R-SeeNet web applications. A specially crafted URL by an attacker and visited by a victim can lead to arbitrary JavaScript code execution. Published: 2021-07-16T10:37:13.000Z Updated: 2024-08-03T18:23:29.570Z Open on db.gcve.eu Reference links https://talosintelligence.com/vulnerability_reports/TALOS-2021-1272	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2021-21800`	vulnerable	2026-06-03 14:43:46.020656	Details available CRITICAL (9.6) Cross-site scripting vulnerabilities exist in the ssh_form.php script functionality of Advantech R-SeeNet v 2.4.12 (20.10.2020). If a user visits a specially crafted URL, it can lead to arbitrary JavaScript code execution in the context of the targeted user’s browser. An attacker can provide a crafted URL to trigger this vulnerability. Published: 2021-07-16T10:33:56.000Z Updated: 2024-08-03T18:23:29.395Z Open on db.gcve.eu Reference links https://talosintelligence.com/vulnerability_reports/TALOS-2021-1271	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2021-21799`	vulnerable	2026-06-03 14:43:46.020217	Details available CRITICAL (9.6) Cross-site scripting vulnerabilities exist in the telnet_form.php script functionality of Advantech R-SeeNet v 2.4.12 (20.10.2020). If a user visits a specially crafted URL, it can lead to arbitrary JavaScript code execution in the context of the targeted user’s browser. An attacker can provide a crafted URL to trigger this vulnerability. Published: 2021-07-16T10:33:51.000Z Updated: 2024-08-03T18:23:29.559Z Open on db.gcve.eu Reference links https://talosintelligence.com/vulnerability_reports/TALOS-2021-1270	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.