Advantech R-SeeNet 2.4.15
Approved changes feed: RSS · Atom
cpe:2.3:a:advantech:r-seenet:2.4.15:*:*:*:*:*:*:*
part: a version: 2.4.15 update: *
| Vendor | Advantech (fedf766b-bee1-5692-bcc7-1aa8d9dc594c) |
|---|---|
| Product | R Seenet (907da83d-2b9a-5a36-a81c-2f713ff81b20) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2021-21937 |
vulnerable | 2026-06-03 14:43:51.478112 |
Details available
HIGH (7.7)
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger this vulnerability at ‘host_alt_filter’ parameter. This can be done as any authenticated user or through cross-site request forgery.
Published: 2021-12-22T18:07:16.000Z
Updated: 2024-08-03T18:30:23.940Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-21936 |
vulnerable | 2026-06-03 14:43:51.477630 |
Details available
HIGH (7.7)
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger this vulnerability at ‘health_alt_filter’ parameter. This can be done as any authenticated user or through cross-site request forgery.
Published: 2021-12-22T18:07:15.000Z
Updated: 2024-08-03T18:30:23.629Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-21935 |
vulnerable | 2026-06-03 14:43:51.476972 |
Details available
HIGH (7.7)
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger this vulnerability at ‘host_alt_filter2’ parameter. This can be done as any authenticated user or through cross-site request forgery.
Published: 2021-12-22T18:07:14.000Z
Updated: 2024-08-03T18:30:23.137Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-21934 |
vulnerable | 2026-06-03 14:43:46.138399 |
Details available
HIGH (7.7)
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger this at ‘imei_filter’ parameter. This can be done as any authenticated user or through cross-site request forgery.
Published: 2021-12-22T18:07:13.000Z
Updated: 2024-08-03T18:30:23.444Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-21933 |
vulnerable | 2026-06-03 14:43:46.138104 |
Details available
HIGH (7.7)
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger this at ‘esn_filter’ parameter. This can be done as any authenticated user or through cross-site request forgery.
Published: 2021-12-22T18:07:12.000Z
Updated: 2024-08-03T18:30:23.693Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-21932 |
vulnerable | 2026-06-03 14:43:46.137801 |
Details available
HIGH (7.7)
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger this at ‘name_filter’ parameter. This can be done as any authenticated user or through cross-site request forgery.
Published: 2021-12-22T18:07:11.000Z
Updated: 2024-08-03T18:30:23.414Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-21931 |
vulnerable | 2026-06-03 14:43:46.137507 |
Details available
HIGH (7.7)
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests at‘ stat_filter’ parameter to trigger this vulnerability. This can be done as any authenticated user or through cross-site request forgery.
Published: 2021-12-22T18:07:10.000Z
Updated: 2024-08-03T18:30:23.401Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-21930 |
vulnerable | 2026-06-03 14:43:46.137210 |
Details available
HIGH (7.7)
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests at ‘sn_filter’ parameter to trigger this vulnerability. This can be done as any authenticated user or through cross-site request forgery.
Published: 2021-12-22T18:07:10.000Z
Updated: 2024-08-03T18:30:23.662Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-21929 |
vulnerable | 2026-06-03 14:43:46.136910 |
Details available
HIGH (7.7)
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests at ‘prod_filter’ parameter to trigger this vulnerability. This can be done as any authenticated user or through cross-site request forgery.
Published: 2021-12-22T18:07:09.000Z
Updated: 2024-08-03T18:30:22.874Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-21928 |
vulnerable | 2026-06-03 14:43:46.136590 |
Details available
HIGH (7.7)
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests at ‘mac_filter’ parameter to trigger this vulnerability. This can be done as any authenticated user or through cross-site request forgery.
Published: 2021-12-22T18:07:08.000Z
Updated: 2024-08-03T18:30:23.145Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-21927 |
vulnerable | 2026-06-03 14:43:46.136191 |
Details available
HIGH (7.7)
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger these vulnerabilities. This can be done as any authenticated user or through cross-site request forgery at ‘loc_filter’ parameter.
Published: 2021-12-22T18:07:07.000Z
Updated: 2024-08-03T18:30:23.405Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-21926 |
vulnerable | 2026-06-03 14:43:46.135897 |
Details available
HIGH (7.7)
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger these vulnerabilities. This can be done as any authenticated user or through cross-site request forgery at ‘health_filter’ parameter.
Published: 2021-12-22T18:07:07.000Z
Updated: 2024-08-03T18:30:23.532Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-21925 |
vulnerable | 2026-06-03 14:43:46.135608 |
Details available
HIGH (7.7)
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger these vulnerabilities. This can be done as any authenticated user or through cross-site request forgery at ‘firm_filter’ parameter.
Published: 2021-12-22T18:07:06.000Z
Updated: 2024-08-03T18:30:23.579Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-21924 |
vulnerable | 2026-06-03 14:43:46.135305 |
Details available
HIGH (7.7)
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger these vulnerabilities. This can be done as any authenticated user or through cross-site request forgery at ‘desc_filter’ parameter.
Published: 2021-12-22T18:07:05.000Z
Updated: 2024-08-03T18:30:23.565Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-21923 |
vulnerable | 2026-06-03 14:43:46.135020 |
Details available
HIGH (7.7)
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger this vulnerability at ‘company_filter’ parameter with the administrative account or through cross-site request forgery.
Published: 2021-12-22T18:07:03.000Z
Updated: 2024-08-03T18:30:23.137Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-21922 |
vulnerable | 2026-06-03 14:43:46.134733 |
Details available
HIGH (7.7)
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger this vulnerability at ‘username_filter’ parameter with the administrative account or through cross-site request forgery.
Published: 2021-12-22T18:07:02.000Z
Updated: 2024-08-03T18:30:23.073Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-21921 |
vulnerable | 2026-06-03 14:43:46.134445 |
Details available
HIGH (7.7)
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger this vulnerability at ‘name_filter’ parameter with the administrative account or through cross-site request forgery.
Published: 2021-12-22T18:07:00.000Z
Updated: 2024-08-03T18:30:23.471Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-21920 |
vulnerable | 2026-06-03 14:43:46.134140 |
Details available
HIGH (7.7)
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger this vulnerability at ‘surname_filter’ parameter with the administrative account or through cross-site request forgery.
Published: 2021-12-22T18:07:00.000Z
Updated: 2024-08-03T18:30:23.301Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-21919 |
vulnerable | 2026-06-03 14:43:46.133855 |
Details available
HIGH (7.7)
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger this vulnerability at ord’ parameter. However, the high privilege super-administrator account needs to be used to achieve exploitation without cross-site request forgery attack.
Published: 2021-12-22T18:06:59.000Z
Updated: 2024-08-03T18:30:23.312Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-21918 |
vulnerable | 2026-06-03 14:43:46.133562 |
Details available
HIGH (7.7)
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger this vulnerability at ‘name_filter’ parameter. However, the high privilege super-administrator account needs to be used to achieve exploitation without cross-site request forgery attack.
Published: 2021-12-22T18:06:58.000Z
Updated: 2024-08-03T18:30:23.473Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-21917 |
vulnerable | 2026-06-03 14:43:46.133261 |
Details available
HIGH (7.7)
An exploitable SQL injection vulnerability exist in the ‘group_list’ page of the Advantech R-SeeNet 2.4.15 (30.07.2021). A specially-crafted HTTP request at '‘ord’ parameter. An attacker can make authenticated HTTP requests to trigger this vulnerability. This can be done as any authenticated user or through cross-site request forgery.
Published: 2021-12-22T18:06:57.000Z
Updated: 2024-08-03T18:30:23.138Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-21916 |
vulnerable | 2026-06-03 14:43:46.132941 |
Details available
HIGH (7.7)
An exploitable SQL injection vulnerability exist in the ‘group_list’ page of the Advantech R-SeeNet 2.4.15 (30.07.2021). A specially-crafted HTTP request at 'description_filter’ parameter. An attacker can make authenticated HTTP requests to trigger this vulnerability. This can be done as any authenticated user or through cross-site request forgery.
Published: 2021-12-22T18:06:57.000Z
Updated: 2024-08-03T18:30:23.316Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-21915 |
vulnerable | 2026-06-03 14:43:46.132608 |
Details available
HIGH (7.7)
An exploitable SQL injection vulnerability exist in the ‘group_list’ page of the Advantech R-SeeNet 2.4.15 (30.07.2021). A specially-crafted HTTP request at ‘company_filter’ parameter. An attacker can make authenticated HTTP requests to trigger this vulnerability. This can be done as any authenticated user or through cross-site request forgery.
Published: 2021-12-22T18:06:56.000Z
Updated: 2024-08-03T18:30:23.673Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-21912 |
vulnerable | 2026-06-03 14:43:46.128938 |
Details available
HIGH (8.8)
A privilege escalation vulnerability exists in the Windows version of installation for Advantech R-SeeNet Advantech R-SeeNet 2.4.15 (30.07.2021). A specially-crafted file can be replaced in the system to escalate privileges to NT SYSTEM authority. An attacker can provide a malicious file to trigger this vulnerability.
Published: 2021-12-22T18:06:55.000Z
Updated: 2024-08-03T18:30:22.881Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-21911 |
vulnerable | 2026-06-03 14:43:46.128571 |
Details available
HIGH (8.8)
A privilege escalation vulnerability exists in the Windows version of installation for Advantech R-SeeNet Advantech R-SeeNet 2.4.15 (30.07.2021). A specially-crafted file can be replaced in the system to escalate privileges to NT SYSTEM authority. An attacker can provide a malicious file to trigger this vulnerability.
Published: 2021-12-22T18:06:55.000Z
Updated: 2024-08-03T18:30:22.888Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-21910 |
vulnerable | 2026-06-03 14:43:46.128104 |
Details available
HIGH (8.8)
A privilege escalation vulnerability exists in the Windows version of installation for Advantech R-SeeNet Advantech R-SeeNet 2.4.15 (30.07.2021). A specially-crafted file can be replaced in the system to escalate privileges to NT SYSTEM authority. An attacker can provide a malicious file to trigger this vulnerability.
Published: 2021-12-22T18:06:54.000Z
Updated: 2024-08-03T18:30:23.130Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.