CVE-2018-15706
https://notcve.org/view.php?id=CVE-2018-15706
WADashboard API in Advantech WebAccess 8.3.1 and 8.3.2 allows remote authenticated attackers to read any file on the filesystem due to a directory traversal vulnerability in the readFile API. WADashboard API en Advantech WebAccess 8.3.1 y 8.3.2 permite que atacantes autenticados remotos lean cualquier archivo del sistema de archivos debido a una vulnerabilidad de salto de directorio en la API readFile. • https://www.tenable.com/security/research/tra-2018-35 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVE-2018-15707 – Advantech WebAccess SCADA 8.3.2 - Remote Code Execution
https://notcve.org/view.php?id=CVE-2018-15707
Advantech WebAccess 8.3.1 and 8.3.2 are vulnerable to cross-site scripting in the Bwmainleft.asp page. An attacker could leverage this vulnerability to disclose credentials amongst other things. Advantech WebAccess 8.3.1 y 8.3.2 son vulnerables a Cross-Site Scripting (XSS) en la página Bwmainleft.asp. Un atacante podría aprovechar esta vulnerabilidad para divulgar credenciales, entre otras cosas. Advantech WebAccess SCADA version 8.3.2 suffers from a code execution vulnerability. • https://www.exploit-db.com/exploits/45774 https://www.tenable.com/security/research/tra-2018-35 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2018-17908 – Advantech WebAccess Client Improper Access Control Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2018-17908
WebAccess Versions 8.3.2 and prior. During installation, the application installer disables user access control and does not re-enable it after the installation is complete. This could allow an attacker to run elevated arbitrary code. WebAccess en versiones 8.3.2 y anteriores. Durante la instalación, el instalador de la aplicación deshabilita el control de acceso de los usuario y no lo rehabilita tras completar la instalación. • http://www.securityfocus.com/bid/105736 http://www.securitytracker.com/id/1041957 https://ics-cert.us-cert.gov/advisories/ICSA-18-298-02 • CWE-284: Improper Access Control •
CVE-2018-17910 – Advantech WebAccess Client bwswfcfg Stack-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2018-17910
WebAccess Versions 8.3.2 and prior. The application fails to properly validate the length of user-supplied data, causing a buffer overflow condition that allows for arbitrary remote code execution. WebAccess en versiones 8.3.2 y anteriores. La aplicación no valida correctamente la longitud de los datos proporcionados por el usuario, provocando una condición de desbordamiento de búfer que permite la ejecución remota de código. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess Client. • http://www.securityfocus.com/bid/105736 http://www.securitytracker.com/id/1041957 https://ics-cert.us-cert.gov/advisories/ICSA-18-298-02 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-121: Stack-based Buffer Overflow •
CVE-2018-15704
https://notcve.org/view.php?id=CVE-2018-15704
Advantech WebAccess 8.3.2 and below is vulnerable to a stack buffer overflow vulnerability. A remote authenticated attacker could potentially exploit this vulnerability by sending a crafted HTTP request to broadweb/system/opcImg.asp. Advantech WebAccess 8.3.2 y anteriores es vulnerable a un desbordamiento de búfer basado en pila. Un atacante autenticado remoto podría explotar esta vulnerabilidad enviando una petición HTTP manipulada a broadweb/system/opcImg.asp. • https://www.tenable.com/security/research/tra-2018-33 • CWE-787: Out-of-bounds Write •