ZDI-23-1157: Advantech R-SeeNet device_status Local File Inclusion Privilege Escalation Vulnerability

Aug. 21, 2023, 5 a.m. |

ZDI: Published Advisories www.zerodayinitiative.com

This vulnerability allows remote attackers to escalate privileges on affected installations of Advantech R-SeeNet. Authentication is required to exploit this vulnerability.

advantech attackers authentication escalation exploit file inclusion local privilege privilege escalation privileges vulnerability zdi

Visit resource

More from www.zerodayinitiative.com / ZDI: Published Advisories

ZDI-24-439: Microsoft Windows Bluetooth AVDTP Protocol Integer Underflow Remote Code Execution Vulnerability 21 hours ago | www.zerodayinitiative.com

arbitrary code attackers bluetooth code +20

ZDI-24-438: Dassault Systèmes eDrawings Viewer DXF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability 21 hours ago | www.zerodayinitiative.com

arbitrary code attackers code code execution +16

ZDI-24-437: Dassault Systèmes eDrawings Viewer DXF File Parsing Type Confusion Remote Code Execution Vulnerability 21 hours ago | www.zerodayinitiative.com

arbitrary code attackers code code execution +15

ZDI-24-436: Dassault Systèmes eDrawings Viewer DXF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability 21 hours ago | www.zerodayinitiative.com

arbitrary code attackers code code execution +16

ZDI-24-435: Dassault Systèmes eDrawings Viewer DXF File Parsing Type Confusion Remote Code Execution Vulnerability 21 hours ago | www.zerodayinitiative.com

arbitrary code attackers code code execution +15

ZDI-24-434: Dassault Systèmes eDrawings Viewer SAT File Parsing Uninitialized Variable Remote Code Execution Vulnerability 21 hours ago | www.zerodayinitiative.com

arbitrary code attackers code code execution +16

ZDI-24-433: Dassault Systèmes eDrawings Viewer DXF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability 21 hours ago | www.zerodayinitiative.com

arbitrary code attackers code code execution +16

ZDI-24-432: Dassault Systèmes eDrawings Viewer JT File Parsing Memory Corruption Remote Code Execution Vulnerability 21 hours ago | www.zerodayinitiative.com

arbitrary code attackers code code execution +17

ZDI-24-431: Dassault Systèmes eDrawings Viewer DXF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability 21 hours ago | www.zerodayinitiative.com

arbitrary code attackers code code execution +16

Embedded VSOC Analyst

@ Sibylline Ltd | Australia, Australia

View on infosec-jobs.com

Cloud Security Platform Engineer

@ Google | London, UK; United Kingdom

View on infosec-jobs.com

Senior Associate Cybersecurity GRC - FedRAMP

@ Workday | USA, VA, McLean

View on infosec-jobs.com

Senior Incident Response Consultant, Mandiant, Google Cloud

@ Google | Mexico; Colombia

View on infosec-jobs.com

Cyber Software Engineering, Advisor

@ Peraton | Fort Gordon, GA, United States

View on infosec-jobs.com

Cloud Security Architect (Federal)

@ Moveworks | Remote, USA

View on infosec-jobs.com

View more jobs

all InfoSec news

ZDI-23-1157: Advantech R-SeeNet device_status Local File Inclusion Privilege Escalation Vulnerability

More from www.zerodayinitiative.com / ZDI: Published Advisories

Jobs in InfoSec / Cybersecurity

Embedded VSOC Analyst

Cloud Security Platform Engineer

Senior Associate Cybersecurity GRC - FedRAMP

Senior Incident Response Consultant, Mandiant, Google Cloud

Cyber Software Engineering, Advisor

Cloud Security Architect (Federal)