Unauthenticated Remote File Read Vulnerability in Advantech WebAccess 8.3.4

Unauthenticated Remote File Read Vulnerability in Advantech WebAccess 8.3.4

CVE-2019-3942 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Advantech WebAccess 8.3.4 does not properly restrict an RPC call that allows unauthenticated, remote users to read files. An attacker can use this vulnerability to recover the administrator password.

Learn more about our Web App Pen Testing.