3 matches found
CVE-2016-9351
CVE-2016-9351 affects Advantech SUISAccess Server (3.0 and earlier). A directory traversal/file upload flaw allows uploading and unpacking a zip file, enabling potential arbitrary file write. Public PoCs and advisories (RecoveryMgmt/upload) demonstrate a traversal path to place files on the serve...
CVE-2016-9349
CVE-2016-9349 affects Advantech SUSIAccess Server (
CVE-2016-9353
CVE-2016-9353 affects Advantech SUSIAccess Server (3.0 and earlier). The admin password is stored on the system and encrypted with a static, hard-coded key, enabling reverse retrieval and misuse of the admin account. ZDI/ZDI-adjacent disclosures describe a local privilege/escalation path leveragi...