Arbitrary File Upload Vulnerability in Advantech WebAccess/SCADA v9.1.3 and Prior

Arbitrary File Upload Vulnerability in Advantech WebAccess/SCADA v9.1.3 and Prior

CVE-2023-22450 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

In Advantech WebAccss/SCADA v9.1.3 and prior, there is an arbitrary file upload vulnerability that could allow an attacker to upload an ASP script file to a webserver when logged in as manager user, which can lead to arbitrary code execution.

Learn more about our Web App Pen Testing.