Arbitrary File Read Vulnerability in Advantech WebAccess

Arbitrary File Read Vulnerability in Advantech WebAccess

CVE-2014-0771 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

The OpenUrlToBuffer method in the BWOCXRUN.BwocxrunCtrl.1 ActiveX control in bwocxrun.ocx in Advantech WebAccess before 7.2 allows remote attackers to read arbitrary files via a file: URL.

Learn more about our Web App Pen Testing.