Advantech ADAM 5550's web application includes a "logs" page where all the HTTP requests received are displayed to the user. The device doesn't correctly neutralize malicious code when parsing HTTP requests to generate page output.

Advantech ADAM-5550 share user credentials with a low level of encryption, consisting of base 64 encoding.