Known Vulnerabilities
CVE-2024-28948
Advantech ADAM-5630 contains a cross-site request forgery (CSRF) vulnerability. It allows an attacker to partly circumvent the same origin policy, which is designed to prevent different websites from interfering with each other.
HIGH
CVSS 8.0
Published Sep 27, 2024
CVE-2024-39275
Cookies of authenticated Advantech ADAM-5630 users remain as active valid cookies when a session is closed. Forging requests with a legitimate cookie, even if the session was terminated, allows an unauthorized attacker to act with the same level of privileges of the legitimate user.
HIGH
CVSS 8.0
Published Sep 27, 2024