CVE-2018-14820

Summary

Advantech WebAccess 8.3.1 and earlier has a .dll component that is susceptible to external control of file name or path vulnerability, which may allow an arbitrary file deletion when processing.

Affected Software

VendorProductVersion RangeStatus
AdvantechAdvantech WebAccessWebAccess Versions 8.3.1 and prioraffected

Weaknesses

  • CWE-73: EXTERNAL CONTROL OF FILE NAME OR PATH CWE-73

ADP Enrichment

CVE Program Container

Additional References

References