Arbitrary Web Content Extraction and Execution in Advantech/BroadWin WebAccess

Arbitrary Web Content Extraction and Execution in Advantech/BroadWin WebAccess

CVE-2011-4525 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:C/A:C

Advantech/BroadWin WebAccess before 7.0 allows remote attackers to trigger the extraction of arbitrary web content into a batch file on a client system, and execute this batch file, via unspecified vectors.

Learn more about our Web App Pen Testing.