CVE-2018-14806

Advantech WebAccess 8.3.1 and earlier has a path traversal vulnerability which may allow an attacker to execute arbitrary code.

Published : 2018-10-23 20:29 Updated : 2019-10-09 23:35

7.5
CVSS Score More info
Score 7.5 / 10
7.5
Vendor Product Version URI
Advantech Webaccess 8.3.1 cpe:/a:advantech:webaccess:8.3.1
  1. Advantech (1) Search CVE
    1. Webaccess (1) Search CVE
      1. 8.3.1

CWE

ID Name Description Links
CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') The software uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the software does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory. CVE

History of changes

Date Event
2018-12-03 19:57
2018-10-25 10:29
2018-10-24 10:29
2018-10-23 20:29

New CVE