Advantech Wise-deviceon_server

11 CVEs affecting Advantech Wise-deviceon_server. Latest disclosed: 2025-12-05. Critical: 1, High: 0.

Top CVEs affecting Advantech Wise-deviceon_server
CVESeverityScorePublishedSummary
CVE-2025-34256Critical9.82025-12-05Advantech WISE-DeviceOn Server versions prior to 5.4 contain a hard-coded cryptographic key vulnerability. The product uses a static HS512 HMAC secret for sign…
CVE-2025-34266Medium5.42025-12-05Advantech WISE-DeviceOn Server versions prior to 5.4 contain a stored cross-site scripting (XSS) vulnerability in the /rmm/v1/plugin-config/addins/menus endpoi…
CVE-2025-34265Medium5.42025-12-05Advantech WISE-DeviceOn Server versions prior to 5.4 contain a stored cross-site scripting (XSS) vulnerability in the /rmm/v1/rule-engines endpoint. When an au…
CVE-2025-34264Medium5.42025-12-05Advantech WISE-DeviceOn Server versions prior to 5.4 contain a stored cross-site scripting (XSS) vulnerability in the /rmm/v1/dog/{agentId} endpoint. When an a…
CVE-2025-34263Medium5.42025-12-05Advantech WISE-DeviceOn Server versions prior to 5.4 contain a stored cross-site scripting (XSS) vulnerability in the /rmm/v1/plugin-config/dashboards/menus en…
CVE-2025-34262Medium5.42025-12-05Advantech WISE-DeviceOn Server versions prior to 5.4 contain a stored cross-site scripting (XSS) vulnerability in the /rmm/v1/devices/name/{agent_id} endpoint…
CVE-2025-34261Medium5.42025-12-05Advantech WISE-DeviceOn Server versions prior to 5.4 contain a stored cross-site scripting (XSS) vulnerability in the /rmm/v1/devicegroups/ endpoint. When an a…
CVE-2025-34260Medium5.42025-12-05Advantech WISE-DeviceOn Server versions prior to 5.4 contain a stored cross-site scripting (XSS) vulnerability in the /rmm/v1/action/schedule endpoint. When an…
CVE-2025-34259Medium5.42025-12-05Advantech WISE-DeviceOn Server versions prior to 5.4 contain a stored cross-site scripting (XSS) vulnerability in the /rmm/v1/devicemap/building endpoint. When…
CVE-2025-34258Medium5.42025-12-05Advantech WISE-DeviceOn Server versions prior to 5.4 contain a stored cross-site scripting (XSS) vulnerability in the /rmm/v1/devicemap/plan endpoint. When an…
CVE-2025-34257Medium5.42025-12-05Advantech WISE-DeviceOn Server versions prior to 5.4 contain a stored cross-site scripting (XSS) vulnerability in the /rmm/v1/action/defined endpoint. When an…