External Control of File Name or Path Vulnerability in Advantech WebAccess

External Control of File Name or Path Vulnerability in Advantech WebAccess

CVE-2018-7495 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:P/A:P

In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and WebAccess/NMS 2.0.3 and prior, an external control of file name or path vulnerability has been identified, which may allow an attacker to delete files.

Learn more about our Web App Pen Testing.