CVE-2019-6552

Summary

Advantech WebAccess/SCADA, Versions 8.3.5 and prior. Multiple command injection vulnerabilities, caused by a lack of proper validation of user-supplied data, may allow remote code execution.

Affected Software

VendorProductVersion RangeStatus
AdvantechWebAccess/SCADAVersions 8.3.5 and prior.affected

Weaknesses

  • CWE-77: IMPROPER NEUTRALIZATION OF SPECIAL ELEMENTS USED IN A COMMAND ('COMMAND INJECTION') CWE-77

ADP Enrichment

CVE Program Container

Additional References

References