Adam-5630 Firmware
Vulnerabilities
3
Known exploited
0
Max CVSS
8.5
Top EPSS
0.00394
Severity breakdown
Critical
0
High
2
Medium
1
Low
0
Affected version ranges
< 2.5.2
Also matched as (raw): adam-5630_firmware
Top vulnerabilities
CVE-2024-39275Cookies of authenticated Advantech ADAM-5630 users remain as active valid cookies when a
session is closed. Forging requests with a legitimate cookie, even if
the session was terminated, allows an unauthorized attacker to act with
the same level of privileges of the legitimate user.
CVE-2024-28948Advantech ADAM-5630 contains a cross-site request forgery (CSRF) vulnerability. It allows an attacker to partly circumvent the same
origin policy, which is designed to prevent different websites from
interfering with each other.
CVE-2024-34542Advantech ADAM-5630 shares user credentials plain text between the device and the user source device during the login process.