Advantech WebAccess < 8.3.5 Multiple Vulnerabilities (ICSA-19-092-01)

2019-05-27T00:00:00
ID 700723.PRM
Type nessus
Reporter Tenable
Modified 2019-05-27T00:00:00

Description

The installed version of Advantech WebAccess is prior to 8.3.5 and is affected by the following vulnerabilities :

  • Multiple command injection vulnerabilities, caused by a lack of proper validation of user-supplied data, may allow remote code execution. (CVE-2019-6552)
  • Multiple stack-based buffer overflow vulnerabilities, caused by a lack of proper validation of the length of user-supplied data, may allow remote code execution. (CVE-2019-6550)
  • An improper access control vulnerability may allow an attacker to cause a denial-of-service condition. (CVE-2019-6554)

                                        
                                            Binary data 700723.prm