
CVSS: 7.5 • EPSS: 0% • CPEs: 1 • EXPL: 0

Advantech WebAccess before 8.1 allows remote attackers to obtain sensitive information via crafted input. • https://ics-cert.us-cert.gov/advisories/ICSA-16-014-01 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor

CVSS: 7.5 • EPSS: 0% • CPEs: 1 • EXPL: 0

Advantech WebAccess before 8.1 allows remote attackers to bypass an intended administrative requirement and obtain file or folder access via unspecified vectors. • https://ics-cert.us-cert.gov/advisories/ICSA-16-014-01 • CWE-264: Permissions, Privileges, and Access Controls

CVSS: 10.0 • EPSS: 42% • CPEs: 1 • EXPL: 1

Unrestricted file upload vulnerability in the uploadImageCommon function in the UploadAjaxAction script in the WebAccess Dashboard Viewer in Advantech WebAccess before 8.1 allows remote attackers to write to files of arbitrary types via unspecified vectors. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess. Authentication is not required to exploit this vulnerability. The specific flaw exists within the WebAccess Dashboard Viewer. Insufficient validation within the SaveGeneralFile functionality allows unauthenticated callers to upload arbitrary code to directories in the server where the code can be automatically executed under the high-privilege context of the IIS AppPool. • https://www.exploit-db.com/exploits/39735 • http://www.rapid7.com/db/modules/exploit/windows/scada/advantech_webaccess_dashboard_file_upload • http://www.zerodayinitiative.com/advisories/ZDI-16-127 • http://www.zerodayinitiative.com/advisories/ZDI-16-128 • http://www.zerodayinitiative.com/advisories/ZDI-16-129 • https://ics-cert.us-cert.gov/advisories/ICSA-16-014-01

CVSS: 9.3 • EPSS: 18% • CPEs: 1 • EXPL: 0

Advantech WebAccess before 8.1 allows remote attackers to cause a denial of service (out-of-bounds memory access) via unspecified vectors. This vulnerability allows remote attackers to execute arbitrary code on vulnerable instances of Advantech WebAccess. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the 0x13881 IOCTL in the BwOpcTool subsystem. An uncontrolled format string vulnerability exists in a call to sprintf. • https://ics-cert.us-cert.gov/advisories/ICSA-16-014-01 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer

CVSS: 7.8 • EPSS: 33% • CPEs: 1 • EXPL: 0

Directory traversal vulnerability in Advantech WebAccess before 8.1 allows remote attackers to list arbitrary virtual-directory files via unspecified vectors. This vulnerability allows remote attackers to disclose arbitrary file contents on vulnerable installations of Advantech WebAccess. Authentication is not required to exploit this vulnerability. The specific flaw exists within the WebAccess Dashboard Viewer. Insufficient validation within the openWidget script allows unauthenticated callers to read the content of arbitrary files on the WebAccess server. • http://www.zerodayinitiative.com/advisories/ZDI-16-122 • http://www.zerodayinitiative.com/advisories/ZDI-16-123 • http://www.zerodayinitiative.com/advisories/ZDI-16-124 • http://www.zerodayinitiative.com/advisories/ZDI-16-125 • http://www.zerodayinitiative.com/advisories/ZDI-16-126 • https://ics-cert.us-cert.gov/advisories/ICSA-16-014-01 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')