CVE-2018-15705

Summary

WADashboard API in Advantech WebAccess 8.3.1 and 8.3.2 allows remote authenticated attackers to write or overwrite any file on the filesystem due to a directory traversal vulnerability in the writeFile API. An attacker can use this vulnerability to remotely execute arbitrary code.

Affected Software

VendorProductVersion RangeStatus
AdvantechAdvantech WebAccess8.3.1 and 8.3.2affected

Weaknesses

  • Directory Traversal

ADP Enrichment

CVE Program Container

Additional References

References