CVE-2019-3942

Summary

Advantech WebAccess 8.3.4 does not properly restrict an RPC call that allows unauthenticated, remote users to read files. An attacker can use this vulnerability to recover the administrator password.

Affected Software

VendorProductVersion RangeStatus
n/aAdvantech WebAccess8.3.4affected

Weaknesses

  • CWE-284: CWE-284 Improper Access Control

ADP Enrichment

CVE Program Container

Additional References

References