Advantech WebAccess

🗓️ 04 Jan 2018 00:00:00Reported by Industrial Control Systems Cyber Emergency Response TeamType

ics

ics🔗 ics-cert.us-cert.gov👁 36 Views

Advantech WebAccess CVE-2017-16728 and CVE-2017-16724 vulnerabilities. Patch to version 8.3 to mitigate. Defensive measures recommended

Reporter	Title	Published	Views	Family All 99
0day.today	Advantech WebAccess < 8.3 - SQL Injection Exploit	30 Jan 201800:00	–	zdt
0day.today	Advantech WebAccess < 8.3 - Directory Traversal / Remote Code Execution Exploit	12 Mar 201800:00	–	zdt
BDU FSTEC	The vulnerability of the BwFreRPT component in the Advantech WebAccess remote monitoring software allows a intruder to execute arbitrary code.	12 Apr 201800:00	–	bdu_fstec
BDU FSTEC	The vulnerability of the ChkAdminViewUsrPwd1 component in the Advantech WebAccess remote monitoring software allows a perpetrator to execute arbitrary code.	12 Apr 201800:00	–	bdu_fstec
Circl	CVE-2017-16720	12 Mar 201800:00	–	circl
CNVD	Advantech WebAccess SQL Injection Vulnerability (CNVD-2018-00669)	8 Jan 201800:00	–	cnvd
CNVD	Advantech WebAccess Path Traversal Vulnerability	8 Jan 201800:00	–	cnvd
CNVD	Advantech WebAccess stack buffer overflow vulnerability (CNVD-2018-00671)	8 Jan 201800:00	–	cnvd
CNVD	Advantech WebAccess Input Validation Vulnerability	5 Jan 201800:00	–	cnvd
CNVD	Advantech WebAccess Denial of Service Vulnerability (CNVD-2018-00673)	8 Jan 201800:00	–	cnvd

Source	Link
web	www.web.nvd.nist.gov/view/vuln/detail
first	www.first.org/cvss/calculator/3.0
web	www.web.nvd.nist.gov/view/vuln/detail
us-cert	www.us-cert.gov/forms/feedback
twitter	www.twitter.com/share
cwe	www.cwe.mitre.org/data/definitions/20.html
first	www.first.org/cvss/calculator/3.0
us-cert	www.us-cert.gov/pdf/
us-cert	www.us-cert.gov/accessibility/
addthis	www.addthis.com/bookmark.php

10 Jan 2018 00:00Current

0.8Low risk

Vulners AI Score0.8

CVSS 210

CVSS 39.8

EPSS0.21846

advantech webaccess cve-2017-16728 cve-2017-16724 vulnerabilities patch version 8.3 defensive measures