Lucene search

K
cvelistTenableCVELIST:CVE-2018-15705
HistoryOct 31, 2018 - 12:00 a.m.

CVE-2018-15705

2018-10-3100:00:00
tenable
www.cve.org

6.5 Medium

AI Score

Confidence

High

0.007 Low

EPSS

Percentile

79.9%

WADashboard API in Advantech WebAccess 8.3.1 and 8.3.2 allows remote authenticated attackers to write or overwrite any file on the filesystem due to a directory traversal vulnerability in the writeFile API. An attacker can use this vulnerability to remotely execute arbitrary code.

CNA Affected

[
  {
    "product": "Advantech WebAccess",
    "vendor": "Advantech",
    "versions": [
      {
        "status": "affected",
        "version": "8.3.1 and 8.3.2"
      }
    ]
  }
]

6.5 Medium

AI Score

Confidence

High

0.007 Low

EPSS

Percentile

79.9%