CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 0CVE-2018-14820 – Advantech WebAccess Node drawsrv Arbitrary File Deletion Vulnerability
https://notcve.org/view.php?id=CVE-2018-14820
Advantech WebAccess 8.3.1 and earlier has a .dll component that is susceptible to external control of file name or path vulnerability, which may allow an arbitrary file deletion when processing. Advantech WebAccess 8.3.1 y anteriores tiene un componente .dll que es susceptible a una vulnerabilidad de control externo de ruta o nombre de archivo, lo que podría permitir la eliminación de un archivo arbitrario al procesarse. This vulnerability allows remote attackers to delete arbitrary files on vulnerable installations of Advantech WebAccess Node. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the 0x2715 IOCTL in the webvrpcs process. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. • http://www.securityfocus.com/bid/105728 http://www.securitytracker.com/id/1041939 https://ics-cert.us-cert.gov/advisories/ICSA-18-296-01%2C • CWE-20: Improper Input Validation CWE-73: External Control of File Name or Path •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2018-15703
https://notcve.org/view.php?id=CVE-2018-15703
Advantech WebAccess 8.3.2 and below is vulnerable to multiple reflected cross site scripting vulnerabilities. A remote unauthenticated attacker could potentially exploit this vulnerability by tricking a victim to supply malicious HTML or JavaScript code to WebAccess, which is then reflected back to the victim and executed by the web browser. Advantech WebAccess 8.3.2 y anteriores es vulnerable a múltiples vulnerabilidades Cross-Site Scripting (XSS) reflejado. Un atacante remoto no autenticado podría explotar esta vulnerabilidad engañando a una víctima para que proporcione código HTML o JavaScript malicioso a WebAccess, que se devuelve a la víctima y es ejecutado por el navegador web. • https://www.tenable.com/security/research/tra-2018-33 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 1CVE-2018-15704
https://notcve.org/view.php?id=CVE-2018-15704
Advantech WebAccess 8.3.2 and below is vulnerable to a stack buffer overflow vulnerability. A remote authenticated attacker could potentially exploit this vulnerability by sending a crafted HTTP request to broadweb/system/opcImg.asp. Advantech WebAccess 8.3.2 y anteriores es vulnerable a un desbordamiento de búfer basado en pila. Un atacante autenticado remoto podría explotar esta vulnerabilidad enviando una petición HTTP manipulada a broadweb/system/opcImg.asp. • https://www.tenable.com/security/research/tra-2018-33 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 3%CPEs: 5EXPL: 0CVE-2018-7503 – Advantech WebAccess NMS DownloadAction Servlet Directory Traversal Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2018-7503
In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and WebAccess/NMS 2.0.3 and prior, a path transversal vulnerability has been identified, which may allow an attacker to disclose sensitive information on the target. En Advantech WebAccess en versiones V8.2_20170817 y anteriores, WebAccess en versiones V8.3.0 y anteriores, WebAccess Dashboard en versiones V.2.0.15 y anteriores, WebAccess Scada Node en versiones anteriores a la 8.3.1 y WebAccess/NMS 2.0.3 y anteriores, se ha identificado una vulnerabilidad de salto de directorio que podría permitir que un atacante eevele información sensible en el objetivo. This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Advantech WebAccess NMS. Authentication is not required to exploit this vulnerability. The specific flaw exists within the DownloadAction servlet. When parsing the filename and taskname parameters, the process does not properly validate a user-supplied path prior to using it in file operations. • http://www.securityfocus.com/bid/104190 https://ics-cert.us-cert.gov/advisories/ICSA-18-135-01 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2018-8841 – Advantech WebAccess Node Product Installation File Access Control Modification Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2018-8841
In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and WebAccess/NMS 2.0.3 and prior, an improper privilege management vulnerability may allow an authenticated user to modify files when read access should only be given to the user. En Advantech WebAccess en versiones V8.2_20170817 y anteriores, WebAccess en versiones V8.3.0 y anteriores, WebAccess Dashboard en versiones V.2.0.15 y anteriores, WebAccess Scada Node en versiones anteriores a la 8.3.1 y WebAccess/NMS 2.0.3 y anteriores, una vulnerabilidad de gestión de privilegios incorrecta podría permitir que un usuario autenticado modifique archivos cuando el acceso de lectura solo se debería otorgar al usuario. This vulnerability allows local attackers to escalate privilege on vulnerable installations of Advantech WebAccess Node. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the access control that is set and modified during the installation of the product. The product installation weakens access control restrictions of pre-existing system files and sets weak access control restrictions on new files. • http://www.securityfocus.com/bid/104190 https://ics-cert.us-cert.gov/advisories/ICSA-18-135-01 • CWE-269: Improper Privilege Management •