CVE-2019-18257

Summary

In Advantech DiagAnywhere Server, Versions 3.07.11 and prior, multiple stack-based buffer overflow vulnerabilities exist in the file transfer service listening on the TCP port. Successful exploitation could allow an unauthenticated attacker to execute arbitrary code with the privileges of the user running DiagAnywhere Server.

Affected Software

VendorProductVersion RangeStatus
n/aAdvantech DiagAnywhere ServerVersions 3.07.11 and prioraffected

Weaknesses

  • CWE-121: STACK-BASED BUFFER OVERFLOW CWE-121

ADP Enrichment

CVE Program Container

Additional References

References