Security Advisory
CVE-2025-34247
CVE vulnerability detail — eXtreme Datacenter Security Operations
Description
Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injection vulnerability in NetworksController.addNetworkAction() that allows an authenticated low-privileged observer user to inject SQL via datatable search parameters, leading to disclosure of database information.