An issue in Advantech WebAccess 8.1 allows SQL injection to gain admin access
Reporter | Title | Published | Views | Family All 13 |
---|---|---|---|---|
0day.today | Advantech WebAccess 8.1 Post Authentication Credential Collector Exploit | 18 Feb 201700:00 | – | zdt |
Prion | Sql injection | 13 Feb 201721:59 | – | prion |
Cvelist | CVE-2017-5154 | 13 Feb 201721:00 | – | cvelist |
NVD | CVE-2017-5154 | 13 Feb 201721:59 | – | nvd |
Check Point Advisories | Advantech WebAccess updateTemplate.aspx SQL Injection (CVE-2017-5154) | 26 Jan 201700:00 | – | checkpoint_advisories |
Zero Day Initiative | Advantech WebAccess updateTemplate SQL Injection Information Disclosure Vulnerability | 12 Jan 201700:00 | – | zdi |
OpenVAS | Advantech WebAccess 'updateTemplate.aspx' SQL Injection and Authentication Bypass Vulnerabilities | 31 Jan 201700:00 | – | openvas |
OpenVAS | Advantech WebAccess Multiple Vulnerabilities | 13 Jan 201700:00 | – | openvas |
Metasploit | Advantech WebAccess 8.1 Post Authentication Credential Collector | 26 Jan 201720:53 | – | metasploit |
Tenable Nessus | Advantech WebAccess SQLi | 30 Jan 201700:00 | – | nessus |
[
{
"product": "Advantech WebAccess 8.1",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Advantech WebAccess 8.1"
}
]
}
]
Source | Link |
---|---|
ics-cert | www.ics-cert.us-cert.gov/advisories/ICSA-17-012-01 |
tenable | www.tenable.com/security/research/tra-2017-04 |
securityfocus | www.securityfocus.com/bid/95410 |
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo