CVE-2019-3940

Advantech WebAccess 8.3.4 is vulnerable to file upload attacks via unauthenticated RPC call. An unauthenticated, remote attacker can use this vulnerability to execute arbitrary code.

Published : 2019-04-09 16:29 Updated : 2019-10-09 23:49

7.5
CVSS Score More info
Score 7.5 / 10
7.5
Vendor Product Version URI
Advantech Webaccess 8.3.4 cpe:/a:advantech:webaccess:8.3.4
  1. Advantech (1) Search CVE
    1. Webaccess (1) Search CVE
      1. 8.3.4

CWE

ID Name Description Links
CWE-434 Unrestricted Upload of File with Dangerous Type The software allows the attacker to upload or transfer files of dangerous types that can be automatically processed within the product's environment. CVE

History of changes

Date Event
2019-04-10 18:18

New CVE