Joel Chang

CVE-2025-48461

Predictable session cookies that can be bruteforced to gain unauthorized access to Advantech WISE portal

Advisory: https://www.csa.gov.sg/alerts-and-advisories/alerts/al-2025-061

Lack of proper sanitization on the access point that could allow an attacker to inject commands with root privileges

Advisory: https://www.al-enterprise.com/-/media/567414972b57459697030898f92ac043.pdf