WADashboard API in Advantech WebAccess 8.3.1 and 8.3.2 allows remote authenticated attackers to write or overwrite any file on the filesystem due to a directory traversal vulnerability in the writeFile API. An attacker can use this vulnerability to remotely execute arbitrary code.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: tenable
Published: 2018-10-31T22:00:00Z
Updated: 2024-09-16T17:59:24.977Z
Reserved: 2018-08-22T00:00:00
Link: CVE-2018-15705
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2018-10-31T22:29:00.413
Modified: 2018-12-12T18:02:34.330
Link: CVE-2018-15705
Redhat
No data.