CVE-2014-0771

creationtimestamp| type| source ---|---|--- 2025-09-19 19:48:29+00:00| seen| Telegram/MjdIGTGYwBwcH0oIE1YdcVSztnSFQX52MDgdTB1aO3derVY...

Advantech WebAccess < 7.2-2013.11.14 Multiple Vulnerabilities

Binary data scadaadvantechwebaccess7220131114.nbin...

Advantech WebAccess bwocxrun.ocx任意文件访问漏洞

CVE ID:CVE-2014-0771 Advantech WebAccess HMI/SCADA是一款HMI/SCADA软件。 Advantech WebAccess BWOCXRUN.BwocxrunCtrl.1 ActiveX控件bwocxrun.ocx中的OpenUrlToBuffer方法存在安全漏洞，由于程序不正确对'file://' URL进行校验，允许攻击者访问任意文件。 0 Advantech WebAccess 7.1 Advantech WebAccess 7.2版本已修复该漏洞，建议用户下载使用： http://webaccess.advantech.com/...

CVE-2014-0771

Advantech WebAccess BWOCXRUN.BwocxrunCtrl.1 OpenUrlToBuffer in bwocxrun.ocx allows reading arbitrary files via file:// URLs because there is no URL validation. This enables remote-access scenarios where an attacker could read local or reachable files through JavaScript, within the browser context...