Search criteria
60 vulnerabilities found for webaccess\/nms by advantech
VAR-201805-1143
Vulnerability from variot - Updated: 2025-12-22 23:48In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and WebAccess/NMS 2.0.3 and prior, several stack-based buffer overflow vulnerabilities have been identified, which may allow an attacker to execute arbitrary code. plural Advantech WebAccess The product contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess Node. Authentication is not required to exploit this vulnerability.The specific flaw exists within notify2.exe, which is accessed through the 0x2711 IOCTL in the webvrpcs process. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code under the context of Administrator. Advantech WebAccess and others are products of Advantech. Advantech WebAccess is a browser-based HMI/SCADA software. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. WebAccess Dashboard is one of the dashboard components; WebAccess Scada Node is one of the monitoring node components. WebAccess/NMS is a suite of web browsers for the Network Management System (NMS). A stack buffer overflow vulnerability exists in several Advantech products
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "webaccess node",
"scope": null,
"trust": 9.1,
"vendor": "advantech",
"version": null
},
{
"_id": null,
"model": "webaccess",
"scope": "lte",
"trust": 1.8,
"vendor": "advantech",
"version": "8.2_20170817"
},
{
"_id": null,
"model": "webaccess",
"scope": "lte",
"trust": 1.8,
"vendor": "advantech",
"version": "8.3.0"
},
{
"_id": null,
"model": "webaccess dashboard",
"scope": "lte",
"trust": 1.8,
"vendor": "advantech",
"version": "2.0.15"
},
{
"_id": null,
"model": "webaccess scada node",
"scope": "lt",
"trust": 1.4,
"vendor": "advantech",
"version": "8.3.1"
},
{
"_id": null,
"model": "webaccess\\/nms",
"scope": "lte",
"trust": 1.0,
"vendor": "advantech",
"version": "2.0.3"
},
{
"_id": null,
"model": "webaccess scada",
"scope": "lt",
"trust": 1.0,
"vendor": "advantech",
"version": "8.3.1"
},
{
"_id": null,
"model": "webaccess/nms",
"scope": "lte",
"trust": 0.8,
"vendor": "advantech",
"version": "2.0.3"
},
{
"_id": null,
"model": "webaccess \u003c=8.2 20170817",
"scope": null,
"trust": 0.6,
"vendor": "advantech",
"version": null
},
{
"_id": null,
"model": "webaccess",
"scope": "lte",
"trust": 0.6,
"vendor": "advantech",
"version": "\u003c=8.3.0"
},
{
"_id": null,
"model": "webaccess dashboard",
"scope": "lte",
"trust": 0.6,
"vendor": "advantech",
"version": "\u003c=2.0.15"
},
{
"_id": null,
"model": "webaccess/nms",
"scope": "lte",
"trust": 0.6,
"vendor": "advantech",
"version": "\u003c=2.0.3"
},
{
"_id": null,
"model": "webaccess",
"scope": "eq",
"trust": 0.6,
"vendor": "advantech",
"version": "8.3.0"
},
{
"_id": null,
"model": "webaccess",
"scope": "eq",
"trust": 0.6,
"vendor": "advantech",
"version": "8.2_20170817"
},
{
"_id": null,
"model": "webaccess dashboard",
"scope": "eq",
"trust": 0.6,
"vendor": "advantech",
"version": "2.0.15"
},
{
"_id": null,
"model": "webaccess\\/nms",
"scope": "eq",
"trust": 0.6,
"vendor": "advantech",
"version": "2.0.3"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "webaccess",
"version": "*"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "webaccess dashboard",
"version": "*"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "webaccess scada",
"version": "*"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "webaccess nms",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "e2f10d30-39ab-11e9-ae57-000c29342cb1"
},
{
"db": "ZDI",
"id": "ZDI-18-516"
},
{
"db": "ZDI",
"id": "ZDI-18-519"
},
{
"db": "ZDI",
"id": "ZDI-18-523"
},
{
"db": "ZDI",
"id": "ZDI-18-525"
},
{
"db": "ZDI",
"id": "ZDI-18-509"
},
{
"db": "ZDI",
"id": "ZDI-18-511"
},
{
"db": "ZDI",
"id": "ZDI-18-507"
},
{
"db": "ZDI",
"id": "ZDI-18-513"
},
{
"db": "ZDI",
"id": "ZDI-18-501"
},
{
"db": "ZDI",
"id": "ZDI-18-506"
},
{
"db": "ZDI",
"id": "ZDI-18-503"
},
{
"db": "ZDI",
"id": "ZDI-18-521"
},
{
"db": "ZDI",
"id": "ZDI-18-524"
},
{
"db": "CNVD",
"id": "CNVD-2018-10713"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-446"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005072"
},
{
"db": "NVD",
"id": "CVE-2018-7499"
}
]
},
"configurations": {
"_id": null,
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:advantech:webaccess",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:advantech:webaccess_dashboard",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:advantech:webaccess_scada",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:advantech:webaccess%2fnms",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-005072"
}
]
},
"credits": {
"_id": null,
"data": "Mat Powell - Trend Micro Zero Day Initiative",
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-516"
},
{
"db": "ZDI",
"id": "ZDI-18-519"
},
{
"db": "ZDI",
"id": "ZDI-18-523"
},
{
"db": "ZDI",
"id": "ZDI-18-525"
},
{
"db": "ZDI",
"id": "ZDI-18-509"
},
{
"db": "ZDI",
"id": "ZDI-18-511"
},
{
"db": "ZDI",
"id": "ZDI-18-507"
},
{
"db": "ZDI",
"id": "ZDI-18-501"
},
{
"db": "ZDI",
"id": "ZDI-18-506"
},
{
"db": "ZDI",
"id": "ZDI-18-503"
},
{
"db": "ZDI",
"id": "ZDI-18-521"
},
{
"db": "ZDI",
"id": "ZDI-18-524"
}
],
"trust": 8.4
},
"cve": "CVE-2018-7499",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2018-7499",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "HIGH",
"trust": 9.1,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2018-7499",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2018-10713",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "e2f10d30-39ab-11e9-ae57-000c29342cb1",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.9 [IVD]"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2018-7499",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2018-7499",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "ZDI",
"id": "CVE-2018-7499",
"trust": 9.1,
"value": "HIGH"
},
{
"author": "nvd@nist.gov",
"id": "CVE-2018-7499",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2018-7499",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNVD",
"id": "CNVD-2018-10713",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201805-446",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "IVD",
"id": "e2f10d30-39ab-11e9-ae57-000c29342cb1",
"trust": 0.2,
"value": "CRITICAL"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "e2f10d30-39ab-11e9-ae57-000c29342cb1"
},
{
"db": "ZDI",
"id": "ZDI-18-516"
},
{
"db": "ZDI",
"id": "ZDI-18-519"
},
{
"db": "ZDI",
"id": "ZDI-18-523"
},
{
"db": "ZDI",
"id": "ZDI-18-525"
},
{
"db": "ZDI",
"id": "ZDI-18-509"
},
{
"db": "ZDI",
"id": "ZDI-18-511"
},
{
"db": "ZDI",
"id": "ZDI-18-507"
},
{
"db": "ZDI",
"id": "ZDI-18-513"
},
{
"db": "ZDI",
"id": "ZDI-18-501"
},
{
"db": "ZDI",
"id": "ZDI-18-506"
},
{
"db": "ZDI",
"id": "ZDI-18-503"
},
{
"db": "ZDI",
"id": "ZDI-18-521"
},
{
"db": "ZDI",
"id": "ZDI-18-524"
},
{
"db": "CNVD",
"id": "CNVD-2018-10713"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-446"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005072"
},
{
"db": "NVD",
"id": "CVE-2018-7499"
}
]
},
"description": {
"_id": null,
"data": "In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and WebAccess/NMS 2.0.3 and prior, several stack-based buffer overflow vulnerabilities have been identified, which may allow an attacker to execute arbitrary code. plural Advantech WebAccess The product contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess Node. Authentication is not required to exploit this vulnerability.The specific flaw exists within notify2.exe, which is accessed through the 0x2711 IOCTL in the webvrpcs process. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code under the context of Administrator. Advantech WebAccess and others are products of Advantech. Advantech WebAccess is a browser-based HMI/SCADA software. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. WebAccess Dashboard is one of the dashboard components; WebAccess Scada Node is one of the monitoring node components. WebAccess/NMS is a suite of web browsers for the Network Management System (NMS). A stack buffer overflow vulnerability exists in several Advantech products",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-7499"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005072"
},
{
"db": "ZDI",
"id": "ZDI-18-516"
},
{
"db": "ZDI",
"id": "ZDI-18-524"
},
{
"db": "ZDI",
"id": "ZDI-18-521"
},
{
"db": "ZDI",
"id": "ZDI-18-503"
},
{
"db": "ZDI",
"id": "ZDI-18-506"
},
{
"db": "ZDI",
"id": "ZDI-18-501"
},
{
"db": "ZDI",
"id": "ZDI-18-513"
},
{
"db": "ZDI",
"id": "ZDI-18-507"
},
{
"db": "ZDI",
"id": "ZDI-18-511"
},
{
"db": "ZDI",
"id": "ZDI-18-509"
},
{
"db": "ZDI",
"id": "ZDI-18-525"
},
{
"db": "ZDI",
"id": "ZDI-18-523"
},
{
"db": "ZDI",
"id": "ZDI-18-519"
},
{
"db": "CNVD",
"id": "CNVD-2018-10713"
},
{
"db": "IVD",
"id": "e2f10d30-39ab-11e9-ae57-000c29342cb1"
}
],
"trust": 10.53
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2018-7499",
"trust": 12.3
},
{
"db": "ICS CERT",
"id": "ICSA-18-135-01",
"trust": 3.0
},
{
"db": "BID",
"id": "104190",
"trust": 1.6
},
{
"db": "CNVD",
"id": "CNVD-2018-10713",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201805-446",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005072",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-5691",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-516",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-5694",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-519",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-5698",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-523",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-5700",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-525",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-5684",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-509",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-5686",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-511",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-5682",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-507",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-5688",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-513",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-5676",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-501",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-5681",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-506",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-5678",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-503",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-5696",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-521",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-5699",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-524",
"trust": 0.7
},
{
"db": "IVD",
"id": "E2F10D30-39AB-11E9-AE57-000C29342CB1",
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "e2f10d30-39ab-11e9-ae57-000c29342cb1"
},
{
"db": "ZDI",
"id": "ZDI-18-516"
},
{
"db": "ZDI",
"id": "ZDI-18-519"
},
{
"db": "ZDI",
"id": "ZDI-18-523"
},
{
"db": "ZDI",
"id": "ZDI-18-525"
},
{
"db": "ZDI",
"id": "ZDI-18-509"
},
{
"db": "ZDI",
"id": "ZDI-18-511"
},
{
"db": "ZDI",
"id": "ZDI-18-507"
},
{
"db": "ZDI",
"id": "ZDI-18-513"
},
{
"db": "ZDI",
"id": "ZDI-18-501"
},
{
"db": "ZDI",
"id": "ZDI-18-506"
},
{
"db": "ZDI",
"id": "ZDI-18-503"
},
{
"db": "ZDI",
"id": "ZDI-18-521"
},
{
"db": "ZDI",
"id": "ZDI-18-524"
},
{
"db": "CNVD",
"id": "CNVD-2018-10713"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-446"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005072"
},
{
"db": "NVD",
"id": "CVE-2018-7499"
}
]
},
"id": "VAR-201805-1143",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "IVD",
"id": "e2f10d30-39ab-11e9-ae57-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-10713"
}
],
"trust": 1.4316815933333333
},
"iot_taxonomy": {
"_id": null,
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "e2f10d30-39ab-11e9-ae57-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-10713"
}
]
},
"last_update_date": "2025-12-22T23:48:56.039000Z",
"patch": {
"_id": null,
"data": [
{
"title": "Advantech has issued an update to correct this vulnerability.",
"trust": 9.1,
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-135-01"
},
{
"title": "\u30c8\u30c3\u30d7\u30da\u30fc\u30b8",
"trust": 0.8,
"url": "http://www.advantech.co.jp/"
},
{
"title": "Patch for Advantech WebAccess Stack Buffer Overflow Vulnerability (CNVD-2018-10713)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/130743"
},
{
"title": "Multiple Advantech Product Buffer Error Vulnerability Fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=80056"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-516"
},
{
"db": "ZDI",
"id": "ZDI-18-519"
},
{
"db": "ZDI",
"id": "ZDI-18-523"
},
{
"db": "ZDI",
"id": "ZDI-18-525"
},
{
"db": "ZDI",
"id": "ZDI-18-509"
},
{
"db": "ZDI",
"id": "ZDI-18-511"
},
{
"db": "ZDI",
"id": "ZDI-18-507"
},
{
"db": "ZDI",
"id": "ZDI-18-513"
},
{
"db": "ZDI",
"id": "ZDI-18-501"
},
{
"db": "ZDI",
"id": "ZDI-18-506"
},
{
"db": "ZDI",
"id": "ZDI-18-503"
},
{
"db": "ZDI",
"id": "ZDI-18-521"
},
{
"db": "ZDI",
"id": "ZDI-18-524"
},
{
"db": "CNVD",
"id": "CNVD-2018-10713"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-446"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005072"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-121",
"trust": 1.0
},
{
"problemtype": "CWE-787",
"trust": 1.0
},
{
"problemtype": "CWE-119",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-005072"
},
{
"db": "NVD",
"id": "CVE-2018-7499"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 12.1,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-18-135-01"
},
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/104190"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-7499"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-7499"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-516"
},
{
"db": "ZDI",
"id": "ZDI-18-519"
},
{
"db": "ZDI",
"id": "ZDI-18-523"
},
{
"db": "ZDI",
"id": "ZDI-18-525"
},
{
"db": "ZDI",
"id": "ZDI-18-509"
},
{
"db": "ZDI",
"id": "ZDI-18-511"
},
{
"db": "ZDI",
"id": "ZDI-18-507"
},
{
"db": "ZDI",
"id": "ZDI-18-513"
},
{
"db": "ZDI",
"id": "ZDI-18-501"
},
{
"db": "ZDI",
"id": "ZDI-18-506"
},
{
"db": "ZDI",
"id": "ZDI-18-503"
},
{
"db": "ZDI",
"id": "ZDI-18-521"
},
{
"db": "ZDI",
"id": "ZDI-18-524"
},
{
"db": "CNVD",
"id": "CNVD-2018-10713"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-446"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005072"
},
{
"db": "NVD",
"id": "CVE-2018-7499"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "IVD",
"id": "e2f10d30-39ab-11e9-ae57-000c29342cb1",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-18-516",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-18-519",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-18-523",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-18-525",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-18-509",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-18-511",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-18-507",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-18-513",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-18-501",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-18-506",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-18-503",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-18-521",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-18-524",
"ident": null
},
{
"db": "CNVD",
"id": "CNVD-2018-10713",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-201805-446",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005072",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2018-7499",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2018-05-31T00:00:00",
"db": "IVD",
"id": "e2f10d30-39ab-11e9-ae57-000c29342cb1",
"ident": null
},
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-516",
"ident": null
},
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-519",
"ident": null
},
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-523",
"ident": null
},
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-525",
"ident": null
},
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-509",
"ident": null
},
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-511",
"ident": null
},
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-507",
"ident": null
},
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-513",
"ident": null
},
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-501",
"ident": null
},
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-506",
"ident": null
},
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-503",
"ident": null
},
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-521",
"ident": null
},
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-524",
"ident": null
},
{
"date": "2018-05-31T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-10713",
"ident": null
},
{
"date": "2018-05-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201805-446",
"ident": null
},
{
"date": "2018-07-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-005072",
"ident": null
},
{
"date": "2018-05-15T22:29:00.503000",
"db": "NVD",
"id": "CVE-2018-7499",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-516",
"ident": null
},
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-519",
"ident": null
},
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-523",
"ident": null
},
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-525",
"ident": null
},
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-509",
"ident": null
},
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-511",
"ident": null
},
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-507",
"ident": null
},
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-513",
"ident": null
},
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-501",
"ident": null
},
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-506",
"ident": null
},
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-503",
"ident": null
},
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-521",
"ident": null
},
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-524",
"ident": null
},
{
"date": "2018-05-31T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-10713",
"ident": null
},
{
"date": "2020-10-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201805-446",
"ident": null
},
{
"date": "2018-07-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-005072",
"ident": null
},
{
"date": "2024-11-21T04:12:15.050000",
"db": "NVD",
"id": "CVE-2018-7499",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201805-446"
}
],
"trust": 0.6
},
"title": {
"_id": null,
"data": "plural Advantech WebAccess Product buffer error vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-005072"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "Buffer error",
"sources": [
{
"db": "IVD",
"id": "e2f10d30-39ab-11e9-ae57-000c29342cb1"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-446"
}
],
"trust": 0.8
}
}
VAR-201805-1144
Vulnerability from variot - Updated: 2025-12-22 23:48In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and WebAccess/NMS 2.0.3 and prior, several SQL injection vulnerabilities have been identified, which may allow an attacker to disclose sensitive information from the host. This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Advantech WebAccess Node. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.The specific flaw exists within the handling of the PointList function in BWMobileService.dll. When parsing the ProjectName parameter, the process does not properly validate a user-supplied string before using it to construct SQL queries. An attacker can leverage this vulnerability to disclose sensitive information under the context of the database. Advantech WebAccess and others are products of Advantech. Advantech WebAccess is a browser-based HMI/SCADA software. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. WebAccess Dashboard is one of the dashboard components; WebAccess Scada Node is one of the monitoring node components. WebAccess/NMS is a suite of web browsers for the Network Management System (NMS). SQL injection vulnerabilities exist in several Advantech products. Advantech WebAccess is prone to the following security vulnerabilities: 1. Multiple SQL-injection vulnerabilities 2. An information-disclosure vulnerability 3. A file-upload vulnerability 4. Multiple directory-traversal vulnerabilities 5. Multiple stack-based buffer-overflow vulnerabilities 6. A heap-based buffer-overflow vulnerability 7. Multiple arbitrary code-execution vulnerabilities 8. A denial-of-service vulnerability 9. A security-bypass vulnerability 10. A privilege-escalation vulnerability An attacker can exploit these issues to execute arbitrary code in the context of the application, or modify data, or exploit latent vulnerabilities in the underlying database, delete arbitrary files, gain elevated privileges, perform certain unauthorized actions, upload arbitrary files to the affected application gain unauthorized access and obtain sensitive information. Failed attacks will cause denial of service conditions. Advantech WebAccess, etc. Advantech WebAccess is a set of HMI/SCADA software based on browser architecture. The following versions are affected: Advantech WebAccess 8.2_20170817 and earlier, 8.3.0 and earlier; WebAccess Dashboard 2.0.15 and earlier; WebAccess Scada Node 8.3.1 and earlier; WebAccess/NMS 2.0.3 and earlier
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "webaccess node",
"scope": null,
"trust": 9.1,
"vendor": "advantech",
"version": null
},
{
"_id": null,
"model": "webaccess",
"scope": "lte",
"trust": 1.0,
"vendor": "advantech",
"version": "8.2_20170817"
},
{
"_id": null,
"model": "webaccess",
"scope": "lte",
"trust": 1.0,
"vendor": "advantech",
"version": "8.3.0"
},
{
"_id": null,
"model": "webaccess\\/nms",
"scope": "lte",
"trust": 1.0,
"vendor": "advantech",
"version": "2.0.3"
},
{
"_id": null,
"model": "webaccess scada",
"scope": "lt",
"trust": 1.0,
"vendor": "advantech",
"version": "8.3.1"
},
{
"_id": null,
"model": "webaccess dashboard",
"scope": "lte",
"trust": 1.0,
"vendor": "advantech",
"version": "2.0.15"
},
{
"_id": null,
"model": "webaccess dashboard",
"scope": "eq",
"trust": 0.9,
"vendor": "advantech",
"version": "2.0.15"
},
{
"_id": null,
"model": "webaccess \u003c=8.2 20170817",
"scope": null,
"trust": 0.6,
"vendor": "advantech",
"version": null
},
{
"_id": null,
"model": "webaccess",
"scope": "lte",
"trust": 0.6,
"vendor": "advantech",
"version": "\u003c=8.3.0"
},
{
"_id": null,
"model": "webaccess dashboard",
"scope": "lte",
"trust": 0.6,
"vendor": "advantech",
"version": "\u003c=2.0.15"
},
{
"_id": null,
"model": "webaccess scada node",
"scope": "lt",
"trust": 0.6,
"vendor": "advantech",
"version": "8.3.1"
},
{
"_id": null,
"model": "webaccess/nms",
"scope": "lte",
"trust": 0.6,
"vendor": "advantech",
"version": "\u003c=2.0.3"
},
{
"_id": null,
"model": "webaccess",
"scope": "eq",
"trust": 0.6,
"vendor": "advantech",
"version": "8.3.0"
},
{
"_id": null,
"model": "webaccess",
"scope": "eq",
"trust": 0.6,
"vendor": "advantech",
"version": "8.2_20170817"
},
{
"_id": null,
"model": "webaccess\\/nms",
"scope": "eq",
"trust": 0.6,
"vendor": "advantech",
"version": "2.0.3"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "webaccess",
"version": "*"
},
{
"_id": null,
"model": "webaccess/nms",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "2.0.3"
},
{
"_id": null,
"model": "webaccess/nms",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "2.0"
},
{
"_id": null,
"model": "webaccess scada node",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "8.3"
},
{
"_id": null,
"model": "webaccess dashboard",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "2.0"
},
{
"_id": null,
"model": "webaccess",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "8.3"
},
{
"_id": null,
"model": "webaccess 8.2 20170817",
"scope": null,
"trust": 0.3,
"vendor": "advantech",
"version": null
},
{
"_id": null,
"model": "webaccess 8.2 20170330",
"scope": null,
"trust": 0.3,
"vendor": "advantech",
"version": null
},
{
"_id": null,
"model": "webaccess",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "8.2"
},
{
"_id": null,
"model": "webaccess 8.1 20160519",
"scope": null,
"trust": 0.3,
"vendor": "advantech",
"version": null
},
{
"_id": null,
"model": "webaccess",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "8.1"
},
{
"_id": null,
"model": "webaccess 8.0 20150816",
"scope": null,
"trust": 0.3,
"vendor": "advantech",
"version": null
},
{
"_id": null,
"model": "webaccess",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "8"
},
{
"_id": null,
"model": "webaccess",
"scope": "ne",
"trust": 0.3,
"vendor": "advantech",
"version": "8.3.1"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "webaccess dashboard",
"version": "*"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "webaccess scada",
"version": "*"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "webaccess nms",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "e2f022cf-39ab-11e9-a809-000c29342cb1"
},
{
"db": "ZDI",
"id": "ZDI-18-481"
},
{
"db": "ZDI",
"id": "ZDI-18-489"
},
{
"db": "ZDI",
"id": "ZDI-18-485"
},
{
"db": "ZDI",
"id": "ZDI-18-488"
},
{
"db": "ZDI",
"id": "ZDI-18-486"
},
{
"db": "ZDI",
"id": "ZDI-18-479"
},
{
"db": "ZDI",
"id": "ZDI-18-474"
},
{
"db": "ZDI",
"id": "ZDI-18-478"
},
{
"db": "ZDI",
"id": "ZDI-18-553"
},
{
"db": "ZDI",
"id": "ZDI-18-476"
},
{
"db": "ZDI",
"id": "ZDI-18-480"
},
{
"db": "ZDI",
"id": "ZDI-18-487"
},
{
"db": "ZDI",
"id": "ZDI-18-473"
},
{
"db": "CNVD",
"id": "CNVD-2018-10317"
},
{
"db": "BID",
"id": "104190"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-445"
},
{
"db": "NVD",
"id": "CVE-2018-7501"
}
]
},
"credits": {
"_id": null,
"data": "rgod",
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-481"
},
{
"db": "ZDI",
"id": "ZDI-18-489"
},
{
"db": "ZDI",
"id": "ZDI-18-485"
},
{
"db": "ZDI",
"id": "ZDI-18-488"
},
{
"db": "ZDI",
"id": "ZDI-18-486"
},
{
"db": "ZDI",
"id": "ZDI-18-479"
},
{
"db": "ZDI",
"id": "ZDI-18-474"
},
{
"db": "ZDI",
"id": "ZDI-18-478"
},
{
"db": "ZDI",
"id": "ZDI-18-553"
},
{
"db": "ZDI",
"id": "ZDI-18-476"
},
{
"db": "ZDI",
"id": "ZDI-18-480"
},
{
"db": "ZDI",
"id": "ZDI-18-487"
},
{
"db": "ZDI",
"id": "ZDI-18-473"
}
],
"trust": 9.1
},
"cve": "CVE-2018-7501",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "ZDI",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "CVE-2018-7501",
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "MEDIUM",
"trust": 7.0,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2018-7501",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 3.1,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 6.5,
"id": "CNVD-2018-10317",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:A/AC:L/Au:N/C:C/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 6.5,
"id": "e2f022cf-39ab-11e9-a809-000c29342cb1",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:A/AC:L/Au:N/C:C/I:N/A:N",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-137533",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2018-7501",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "ZDI",
"id": "CVE-2018-7501",
"trust": 9.1,
"value": "MEDIUM"
},
{
"author": "nvd@nist.gov",
"id": "CVE-2018-7501",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2018-10317",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201805-445",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "IVD",
"id": "e2f022cf-39ab-11e9-a809-000c29342cb1",
"trust": 0.2,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-137533",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "e2f022cf-39ab-11e9-a809-000c29342cb1"
},
{
"db": "ZDI",
"id": "ZDI-18-481"
},
{
"db": "ZDI",
"id": "ZDI-18-489"
},
{
"db": "ZDI",
"id": "ZDI-18-485"
},
{
"db": "ZDI",
"id": "ZDI-18-488"
},
{
"db": "ZDI",
"id": "ZDI-18-486"
},
{
"db": "ZDI",
"id": "ZDI-18-479"
},
{
"db": "ZDI",
"id": "ZDI-18-474"
},
{
"db": "ZDI",
"id": "ZDI-18-478"
},
{
"db": "ZDI",
"id": "ZDI-18-553"
},
{
"db": "ZDI",
"id": "ZDI-18-476"
},
{
"db": "ZDI",
"id": "ZDI-18-480"
},
{
"db": "ZDI",
"id": "ZDI-18-487"
},
{
"db": "ZDI",
"id": "ZDI-18-473"
},
{
"db": "CNVD",
"id": "CNVD-2018-10317"
},
{
"db": "VULHUB",
"id": "VHN-137533"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-445"
},
{
"db": "NVD",
"id": "CVE-2018-7501"
}
]
},
"description": {
"_id": null,
"data": "In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and WebAccess/NMS 2.0.3 and prior, several SQL injection vulnerabilities have been identified, which may allow an attacker to disclose sensitive information from the host. This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Advantech WebAccess Node. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.The specific flaw exists within the handling of the PointList function in BWMobileService.dll. When parsing the ProjectName parameter, the process does not properly validate a user-supplied string before using it to construct SQL queries. An attacker can leverage this vulnerability to disclose sensitive information under the context of the database. Advantech WebAccess and others are products of Advantech. Advantech WebAccess is a browser-based HMI/SCADA software. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. WebAccess Dashboard is one of the dashboard components; WebAccess Scada Node is one of the monitoring node components. WebAccess/NMS is a suite of web browsers for the Network Management System (NMS). SQL injection vulnerabilities exist in several Advantech products. Advantech WebAccess is prone to the following security vulnerabilities:\n1. Multiple SQL-injection vulnerabilities\n2. An information-disclosure vulnerability\n3. A file-upload vulnerability\n4. Multiple directory-traversal vulnerabilities\n5. Multiple stack-based buffer-overflow vulnerabilities\n6. A heap-based buffer-overflow vulnerability\n7. Multiple arbitrary code-execution vulnerabilities\n8. A denial-of-service vulnerability\n9. A security-bypass vulnerability\n10. A privilege-escalation vulnerability\nAn attacker can exploit these issues to execute arbitrary code in the context of the application, or modify data, or exploit latent vulnerabilities in the underlying database, delete arbitrary files, gain elevated privileges, perform certain unauthorized actions, upload arbitrary files to the affected application gain unauthorized access and obtain sensitive information. Failed attacks will cause denial of service conditions. Advantech WebAccess, etc. Advantech WebAccess is a set of HMI/SCADA software based on browser architecture. The following versions are affected: Advantech WebAccess 8.2_20170817 and earlier, 8.3.0 and earlier; WebAccess Dashboard 2.0.15 and earlier; WebAccess Scada Node 8.3.1 and earlier; WebAccess/NMS 2.0.3 and earlier",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-7501"
},
{
"db": "ZDI",
"id": "ZDI-18-478"
},
{
"db": "ZDI",
"id": "ZDI-18-473"
},
{
"db": "ZDI",
"id": "ZDI-18-487"
},
{
"db": "ZDI",
"id": "ZDI-18-480"
},
{
"db": "ZDI",
"id": "ZDI-18-476"
},
{
"db": "ZDI",
"id": "ZDI-18-481"
},
{
"db": "ZDI",
"id": "ZDI-18-553"
},
{
"db": "ZDI",
"id": "ZDI-18-474"
},
{
"db": "ZDI",
"id": "ZDI-18-479"
},
{
"db": "ZDI",
"id": "ZDI-18-486"
},
{
"db": "ZDI",
"id": "ZDI-18-488"
},
{
"db": "ZDI",
"id": "ZDI-18-485"
},
{
"db": "ZDI",
"id": "ZDI-18-489"
},
{
"db": "CNVD",
"id": "CNVD-2018-10317"
},
{
"db": "BID",
"id": "104190"
},
{
"db": "IVD",
"id": "e2f022cf-39ab-11e9-a809-000c29342cb1"
},
{
"db": "VULHUB",
"id": "VHN-137533"
}
],
"trust": 10.17
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2018-7501",
"trust": 11.9
},
{
"db": "ICS CERT",
"id": "ICSA-18-135-01",
"trust": 2.6
},
{
"db": "BID",
"id": "104190",
"trust": 2.6
},
{
"db": "CNNVD",
"id": "CNNVD-201805-445",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2018-10317",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-5611",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-481",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-5653",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-489",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-5649",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-485",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-5652",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-488",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-5650",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-486",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-5609",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-479",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-5597",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-474",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-5608",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-478",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-5590",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-553",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-5606",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-476",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-5610",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-480",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-5651",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-487",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-5596",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-473",
"trust": 0.7
},
{
"db": "IVD",
"id": "E2F022CF-39AB-11E9-A809-000C29342CB1",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-137533",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "e2f022cf-39ab-11e9-a809-000c29342cb1"
},
{
"db": "ZDI",
"id": "ZDI-18-481"
},
{
"db": "ZDI",
"id": "ZDI-18-489"
},
{
"db": "ZDI",
"id": "ZDI-18-485"
},
{
"db": "ZDI",
"id": "ZDI-18-488"
},
{
"db": "ZDI",
"id": "ZDI-18-486"
},
{
"db": "ZDI",
"id": "ZDI-18-479"
},
{
"db": "ZDI",
"id": "ZDI-18-474"
},
{
"db": "ZDI",
"id": "ZDI-18-478"
},
{
"db": "ZDI",
"id": "ZDI-18-553"
},
{
"db": "ZDI",
"id": "ZDI-18-476"
},
{
"db": "ZDI",
"id": "ZDI-18-480"
},
{
"db": "ZDI",
"id": "ZDI-18-487"
},
{
"db": "ZDI",
"id": "ZDI-18-473"
},
{
"db": "CNVD",
"id": "CNVD-2018-10317"
},
{
"db": "VULHUB",
"id": "VHN-137533"
},
{
"db": "BID",
"id": "104190"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-445"
},
{
"db": "NVD",
"id": "CVE-2018-7501"
}
]
},
"id": "VAR-201805-1144",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "IVD",
"id": "e2f022cf-39ab-11e9-a809-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-10317"
},
{
"db": "VULHUB",
"id": "VHN-137533"
}
],
"trust": 1.5434040525000001
},
"iot_taxonomy": {
"_id": null,
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "e2f022cf-39ab-11e9-a809-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-10317"
}
]
},
"last_update_date": "2025-12-22T23:48:55.924000Z",
"patch": {
"_id": null,
"data": [
{
"title": "Advantech has issued an update to correct this vulnerability.",
"trust": 9.1,
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-135-01"
},
{
"title": "Patch for Advantech WebAccess SQL Injection Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/130233"
},
{
"title": "Multiple Advantech product SQL Repair measures for injecting vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=80055"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-481"
},
{
"db": "ZDI",
"id": "ZDI-18-489"
},
{
"db": "ZDI",
"id": "ZDI-18-485"
},
{
"db": "ZDI",
"id": "ZDI-18-488"
},
{
"db": "ZDI",
"id": "ZDI-18-486"
},
{
"db": "ZDI",
"id": "ZDI-18-479"
},
{
"db": "ZDI",
"id": "ZDI-18-474"
},
{
"db": "ZDI",
"id": "ZDI-18-478"
},
{
"db": "ZDI",
"id": "ZDI-18-553"
},
{
"db": "ZDI",
"id": "ZDI-18-476"
},
{
"db": "ZDI",
"id": "ZDI-18-480"
},
{
"db": "ZDI",
"id": "ZDI-18-487"
},
{
"db": "ZDI",
"id": "ZDI-18-473"
},
{
"db": "CNVD",
"id": "CNVD-2018-10317"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-445"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-89",
"trust": 1.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-137533"
},
{
"db": "NVD",
"id": "CVE-2018-7501"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 11.7,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-18-135-01"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/104190"
},
{
"trust": 0.3,
"url": "http://webaccess.advantech.com"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-481"
},
{
"db": "ZDI",
"id": "ZDI-18-489"
},
{
"db": "ZDI",
"id": "ZDI-18-485"
},
{
"db": "ZDI",
"id": "ZDI-18-488"
},
{
"db": "ZDI",
"id": "ZDI-18-486"
},
{
"db": "ZDI",
"id": "ZDI-18-479"
},
{
"db": "ZDI",
"id": "ZDI-18-474"
},
{
"db": "ZDI",
"id": "ZDI-18-478"
},
{
"db": "ZDI",
"id": "ZDI-18-553"
},
{
"db": "ZDI",
"id": "ZDI-18-476"
},
{
"db": "ZDI",
"id": "ZDI-18-480"
},
{
"db": "ZDI",
"id": "ZDI-18-487"
},
{
"db": "ZDI",
"id": "ZDI-18-473"
},
{
"db": "CNVD",
"id": "CNVD-2018-10317"
},
{
"db": "VULHUB",
"id": "VHN-137533"
},
{
"db": "BID",
"id": "104190"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-445"
},
{
"db": "NVD",
"id": "CVE-2018-7501"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "IVD",
"id": "e2f022cf-39ab-11e9-a809-000c29342cb1",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-18-481",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-18-489",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-18-485",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-18-488",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-18-486",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-18-479",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-18-474",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-18-478",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-18-553",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-18-476",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-18-480",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-18-487",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-18-473",
"ident": null
},
{
"db": "CNVD",
"id": "CNVD-2018-10317",
"ident": null
},
{
"db": "VULHUB",
"id": "VHN-137533",
"ident": null
},
{
"db": "BID",
"id": "104190",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-201805-445",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2018-7501",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2018-05-25T00:00:00",
"db": "IVD",
"id": "e2f022cf-39ab-11e9-a809-000c29342cb1",
"ident": null
},
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-481",
"ident": null
},
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-489",
"ident": null
},
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-485",
"ident": null
},
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-488",
"ident": null
},
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-486",
"ident": null
},
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-479",
"ident": null
},
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-474",
"ident": null
},
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-478",
"ident": null
},
{
"date": "2018-06-08T00:00:00",
"db": "ZDI",
"id": "ZDI-18-553",
"ident": null
},
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-476",
"ident": null
},
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-480",
"ident": null
},
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-487",
"ident": null
},
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-473",
"ident": null
},
{
"date": "2018-05-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-10317",
"ident": null
},
{
"date": "2018-05-15T00:00:00",
"db": "VULHUB",
"id": "VHN-137533",
"ident": null
},
{
"date": "2018-05-15T00:00:00",
"db": "BID",
"id": "104190",
"ident": null
},
{
"date": "2018-05-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201805-445",
"ident": null
},
{
"date": "2018-05-15T22:29:00.567000",
"db": "NVD",
"id": "CVE-2018-7501",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-481",
"ident": null
},
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-489",
"ident": null
},
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-485",
"ident": null
},
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-488",
"ident": null
},
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-486",
"ident": null
},
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-479",
"ident": null
},
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-474",
"ident": null
},
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-478",
"ident": null
},
{
"date": "2018-06-08T00:00:00",
"db": "ZDI",
"id": "ZDI-18-553",
"ident": null
},
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-476",
"ident": null
},
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-480",
"ident": null
},
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-487",
"ident": null
},
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-473",
"ident": null
},
{
"date": "2018-05-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-10317",
"ident": null
},
{
"date": "2019-10-09T00:00:00",
"db": "VULHUB",
"id": "VHN-137533",
"ident": null
},
{
"date": "2018-05-15T00:00:00",
"db": "BID",
"id": "104190",
"ident": null
},
{
"date": "2019-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201805-445",
"ident": null
},
{
"date": "2024-11-21T04:12:15.263000",
"db": "NVD",
"id": "CVE-2018-7501",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201805-445"
}
],
"trust": 0.6
},
"title": {
"_id": null,
"data": "Advantech WebAccess Node BWSCADASoap GetAlarms SQL Injection Information Disclosure Vulnerability",
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-481"
}
],
"trust": 0.7
},
"type": {
"_id": null,
"data": "SQL injection",
"sources": [
{
"db": "IVD",
"id": "e2f022cf-39ab-11e9-a809-000c29342cb1"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-445"
}
],
"trust": 0.8
}
}
VAR-202004-0077
Vulnerability from variot - Updated: 2025-12-22 23:42There are multiple ways an unauthenticated attacker could perform SQL injection on WebAccess/NMS (versions prior to 3.0.2) to gain access to sensitive information. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Advantech WebAccess/NMS. Authentication is not required to exploit this vulnerability.The specific flaw exists within the processing of calls to the getManagedDeviceByIP method of the DBUtil class. When parsing the deviceIP parameter of the upgBkpResults endpoint, the process does not properly validate a user-supplied string before using it to construct SQL queries. An attacker can leverage this vulnerability to disclose files in the context of SYSTEM
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "webaccess/nms",
"scope": null,
"trust": 11.9,
"vendor": "advantech",
"version": null
},
{
"_id": null,
"model": "webaccess\\/nms",
"scope": "lt",
"trust": 1.0,
"vendor": "advantech",
"version": "3.0.2"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-20-438"
},
{
"db": "ZDI",
"id": "ZDI-20-374"
},
{
"db": "ZDI",
"id": "ZDI-20-412"
},
{
"db": "ZDI",
"id": "ZDI-20-439"
},
{
"db": "ZDI",
"id": "ZDI-20-395"
},
{
"db": "ZDI",
"id": "ZDI-20-416"
},
{
"db": "ZDI",
"id": "ZDI-20-442"
},
{
"db": "ZDI",
"id": "ZDI-20-427"
},
{
"db": "ZDI",
"id": "ZDI-20-425"
},
{
"db": "ZDI",
"id": "ZDI-20-375"
},
{
"db": "ZDI",
"id": "ZDI-20-445"
},
{
"db": "ZDI",
"id": "ZDI-20-415"
},
{
"db": "ZDI",
"id": "ZDI-20-437"
},
{
"db": "ZDI",
"id": "ZDI-20-377"
},
{
"db": "ZDI",
"id": "ZDI-20-435"
},
{
"db": "ZDI",
"id": "ZDI-20-407"
},
{
"db": "ZDI",
"id": "ZDI-20-417"
},
{
"db": "NVD",
"id": "CVE-2020-10617"
}
]
},
"credits": {
"_id": null,
"data": "rgod of 9sg",
"sources": [
{
"db": "ZDI",
"id": "ZDI-20-438"
},
{
"db": "ZDI",
"id": "ZDI-20-374"
},
{
"db": "ZDI",
"id": "ZDI-20-412"
},
{
"db": "ZDI",
"id": "ZDI-20-439"
},
{
"db": "ZDI",
"id": "ZDI-20-395"
},
{
"db": "ZDI",
"id": "ZDI-20-416"
},
{
"db": "ZDI",
"id": "ZDI-20-442"
},
{
"db": "ZDI",
"id": "ZDI-20-427"
},
{
"db": "ZDI",
"id": "ZDI-20-425"
},
{
"db": "ZDI",
"id": "ZDI-20-375"
},
{
"db": "ZDI",
"id": "ZDI-20-445"
},
{
"db": "ZDI",
"id": "ZDI-20-415"
},
{
"db": "ZDI",
"id": "ZDI-20-437"
},
{
"db": "ZDI",
"id": "ZDI-20-377"
},
{
"db": "ZDI",
"id": "ZDI-20-435"
},
{
"db": "ZDI",
"id": "ZDI-20-407"
},
{
"db": "ZDI",
"id": "ZDI-20-417"
}
],
"trust": 11.9
},
"cve": "CVE-2020-10617",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2020-10617",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "ZDI",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2020-10617",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 11.9,
"userInteraction": "NONE",
"vectorString": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2020-10617",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
],
"severity": [
{
"author": "ZDI",
"id": "CVE-2020-10617",
"trust": 11.9,
"value": "HIGH"
},
{
"author": "nvd@nist.gov",
"id": "CVE-2020-10617",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202004-397",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-20-438"
},
{
"db": "ZDI",
"id": "ZDI-20-374"
},
{
"db": "ZDI",
"id": "ZDI-20-412"
},
{
"db": "ZDI",
"id": "ZDI-20-439"
},
{
"db": "ZDI",
"id": "ZDI-20-395"
},
{
"db": "ZDI",
"id": "ZDI-20-416"
},
{
"db": "ZDI",
"id": "ZDI-20-442"
},
{
"db": "ZDI",
"id": "ZDI-20-427"
},
{
"db": "ZDI",
"id": "ZDI-20-425"
},
{
"db": "ZDI",
"id": "ZDI-20-375"
},
{
"db": "ZDI",
"id": "ZDI-20-445"
},
{
"db": "ZDI",
"id": "ZDI-20-415"
},
{
"db": "ZDI",
"id": "ZDI-20-437"
},
{
"db": "ZDI",
"id": "ZDI-20-377"
},
{
"db": "ZDI",
"id": "ZDI-20-435"
},
{
"db": "ZDI",
"id": "ZDI-20-407"
},
{
"db": "ZDI",
"id": "ZDI-20-417"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-397"
},
{
"db": "NVD",
"id": "CVE-2020-10617"
}
]
},
"description": {
"_id": null,
"data": "There are multiple ways an unauthenticated attacker could perform SQL injection on WebAccess/NMS (versions prior to 3.0.2) to gain access to sensitive information. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Advantech WebAccess/NMS. Authentication is not required to exploit this vulnerability.The specific flaw exists within the processing of calls to the getManagedDeviceByIP method of the DBUtil class. When parsing the deviceIP parameter of the upgBkpResults endpoint, the process does not properly validate a user-supplied string before using it to construct SQL queries. An attacker can leverage this vulnerability to disclose files in the context of SYSTEM",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-10617"
},
{
"db": "ZDI",
"id": "ZDI-20-374"
},
{
"db": "ZDI",
"id": "ZDI-20-417"
},
{
"db": "ZDI",
"id": "ZDI-20-407"
},
{
"db": "ZDI",
"id": "ZDI-20-435"
},
{
"db": "ZDI",
"id": "ZDI-20-377"
},
{
"db": "ZDI",
"id": "ZDI-20-437"
},
{
"db": "ZDI",
"id": "ZDI-20-415"
},
{
"db": "ZDI",
"id": "ZDI-20-445"
},
{
"db": "ZDI",
"id": "ZDI-20-438"
},
{
"db": "ZDI",
"id": "ZDI-20-425"
},
{
"db": "ZDI",
"id": "ZDI-20-427"
},
{
"db": "ZDI",
"id": "ZDI-20-442"
},
{
"db": "ZDI",
"id": "ZDI-20-416"
},
{
"db": "ZDI",
"id": "ZDI-20-395"
},
{
"db": "ZDI",
"id": "ZDI-20-439"
},
{
"db": "ZDI",
"id": "ZDI-20-412"
},
{
"db": "ZDI",
"id": "ZDI-20-375"
}
],
"trust": 11.61
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2020-10617",
"trust": 13.5
},
{
"db": "ICS CERT",
"id": "ICSA-20-098-01",
"trust": 1.6
},
{
"db": "ZDI",
"id": "ZDI-20-445",
"trust": 1.3
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-9820",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-20-438",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-9567",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-20-374",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-9765",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-20-412",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-9821",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-20-439",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-9589",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-20-395",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-9776",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-20-416",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-9824",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-20-442",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-9806",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-20-427",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-9804",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-20-425",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-9568",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-20-375",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-9827",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-9775",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-20-415",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-9819",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-20-437",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-9570",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-20-377",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-9817",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-20-435",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-9699",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-20-407",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-9777",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-20-417",
"trust": 0.7
},
{
"db": "AUSCERT",
"id": "ESB-2020.1251",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "46349",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202004-397",
"trust": 0.6
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-20-438"
},
{
"db": "ZDI",
"id": "ZDI-20-374"
},
{
"db": "ZDI",
"id": "ZDI-20-412"
},
{
"db": "ZDI",
"id": "ZDI-20-439"
},
{
"db": "ZDI",
"id": "ZDI-20-395"
},
{
"db": "ZDI",
"id": "ZDI-20-416"
},
{
"db": "ZDI",
"id": "ZDI-20-442"
},
{
"db": "ZDI",
"id": "ZDI-20-427"
},
{
"db": "ZDI",
"id": "ZDI-20-425"
},
{
"db": "ZDI",
"id": "ZDI-20-375"
},
{
"db": "ZDI",
"id": "ZDI-20-445"
},
{
"db": "ZDI",
"id": "ZDI-20-415"
},
{
"db": "ZDI",
"id": "ZDI-20-437"
},
{
"db": "ZDI",
"id": "ZDI-20-377"
},
{
"db": "ZDI",
"id": "ZDI-20-435"
},
{
"db": "ZDI",
"id": "ZDI-20-407"
},
{
"db": "ZDI",
"id": "ZDI-20-417"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-397"
},
{
"db": "NVD",
"id": "CVE-2020-10617"
}
]
},
"id": "VAR-202004-0077",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.536888
},
"last_update_date": "2025-12-22T23:42:52.255000Z",
"patch": {
"_id": null,
"data": [
{
"title": "Advantech has issued an update to correct this vulnerability.",
"trust": 11.9,
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-098-01"
},
{
"title": "Advantech WebAccess/NMS SQL Repair measures for injecting vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=113477"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-20-438"
},
{
"db": "ZDI",
"id": "ZDI-20-374"
},
{
"db": "ZDI",
"id": "ZDI-20-412"
},
{
"db": "ZDI",
"id": "ZDI-20-439"
},
{
"db": "ZDI",
"id": "ZDI-20-395"
},
{
"db": "ZDI",
"id": "ZDI-20-416"
},
{
"db": "ZDI",
"id": "ZDI-20-442"
},
{
"db": "ZDI",
"id": "ZDI-20-427"
},
{
"db": "ZDI",
"id": "ZDI-20-425"
},
{
"db": "ZDI",
"id": "ZDI-20-375"
},
{
"db": "ZDI",
"id": "ZDI-20-445"
},
{
"db": "ZDI",
"id": "ZDI-20-415"
},
{
"db": "ZDI",
"id": "ZDI-20-437"
},
{
"db": "ZDI",
"id": "ZDI-20-377"
},
{
"db": "ZDI",
"id": "ZDI-20-435"
},
{
"db": "ZDI",
"id": "ZDI-20-407"
},
{
"db": "ZDI",
"id": "ZDI-20-417"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-397"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-89",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2020-10617"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 13.5,
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-098-01"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/46349"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.1251/"
},
{
"trust": 0.6,
"url": "https://www.zerodayinitiative.com/advisories/zdi-20-445/"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-10617"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-20-438"
},
{
"db": "ZDI",
"id": "ZDI-20-374"
},
{
"db": "ZDI",
"id": "ZDI-20-412"
},
{
"db": "ZDI",
"id": "ZDI-20-439"
},
{
"db": "ZDI",
"id": "ZDI-20-395"
},
{
"db": "ZDI",
"id": "ZDI-20-416"
},
{
"db": "ZDI",
"id": "ZDI-20-442"
},
{
"db": "ZDI",
"id": "ZDI-20-427"
},
{
"db": "ZDI",
"id": "ZDI-20-425"
},
{
"db": "ZDI",
"id": "ZDI-20-375"
},
{
"db": "ZDI",
"id": "ZDI-20-445"
},
{
"db": "ZDI",
"id": "ZDI-20-415"
},
{
"db": "ZDI",
"id": "ZDI-20-437"
},
{
"db": "ZDI",
"id": "ZDI-20-377"
},
{
"db": "ZDI",
"id": "ZDI-20-435"
},
{
"db": "ZDI",
"id": "ZDI-20-407"
},
{
"db": "ZDI",
"id": "ZDI-20-417"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-397"
},
{
"db": "NVD",
"id": "CVE-2020-10617"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "ZDI",
"id": "ZDI-20-438",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-20-374",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-20-412",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-20-439",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-20-395",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-20-416",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-20-442",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-20-427",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-20-425",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-20-375",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-20-445",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-20-415",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-20-437",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-20-377",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-20-435",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-20-407",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-20-417",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-202004-397",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2020-10617",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2020-04-08T00:00:00",
"db": "ZDI",
"id": "ZDI-20-438",
"ident": null
},
{
"date": "2020-04-08T00:00:00",
"db": "ZDI",
"id": "ZDI-20-374",
"ident": null
},
{
"date": "2020-04-08T00:00:00",
"db": "ZDI",
"id": "ZDI-20-412",
"ident": null
},
{
"date": "2020-04-08T00:00:00",
"db": "ZDI",
"id": "ZDI-20-439",
"ident": null
},
{
"date": "2020-04-08T00:00:00",
"db": "ZDI",
"id": "ZDI-20-395",
"ident": null
},
{
"date": "2020-04-08T00:00:00",
"db": "ZDI",
"id": "ZDI-20-416",
"ident": null
},
{
"date": "2020-04-08T00:00:00",
"db": "ZDI",
"id": "ZDI-20-442",
"ident": null
},
{
"date": "2020-04-08T00:00:00",
"db": "ZDI",
"id": "ZDI-20-427",
"ident": null
},
{
"date": "2020-04-08T00:00:00",
"db": "ZDI",
"id": "ZDI-20-425",
"ident": null
},
{
"date": "2020-04-08T00:00:00",
"db": "ZDI",
"id": "ZDI-20-375",
"ident": null
},
{
"date": "2020-04-08T00:00:00",
"db": "ZDI",
"id": "ZDI-20-445",
"ident": null
},
{
"date": "2020-04-08T00:00:00",
"db": "ZDI",
"id": "ZDI-20-415",
"ident": null
},
{
"date": "2020-04-08T00:00:00",
"db": "ZDI",
"id": "ZDI-20-437",
"ident": null
},
{
"date": "2020-04-08T00:00:00",
"db": "ZDI",
"id": "ZDI-20-377",
"ident": null
},
{
"date": "2020-04-08T00:00:00",
"db": "ZDI",
"id": "ZDI-20-435",
"ident": null
},
{
"date": "2020-04-08T00:00:00",
"db": "ZDI",
"id": "ZDI-20-407",
"ident": null
},
{
"date": "2020-04-08T00:00:00",
"db": "ZDI",
"id": "ZDI-20-417",
"ident": null
},
{
"date": "2020-04-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-397",
"ident": null
},
{
"date": "2020-04-09T14:15:12.510000",
"db": "NVD",
"id": "CVE-2020-10617",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2020-04-08T00:00:00",
"db": "ZDI",
"id": "ZDI-20-438",
"ident": null
},
{
"date": "2020-04-08T00:00:00",
"db": "ZDI",
"id": "ZDI-20-374",
"ident": null
},
{
"date": "2020-04-08T00:00:00",
"db": "ZDI",
"id": "ZDI-20-412",
"ident": null
},
{
"date": "2020-04-08T00:00:00",
"db": "ZDI",
"id": "ZDI-20-439",
"ident": null
},
{
"date": "2020-04-08T00:00:00",
"db": "ZDI",
"id": "ZDI-20-395",
"ident": null
},
{
"date": "2020-04-08T00:00:00",
"db": "ZDI",
"id": "ZDI-20-416",
"ident": null
},
{
"date": "2020-04-08T00:00:00",
"db": "ZDI",
"id": "ZDI-20-442",
"ident": null
},
{
"date": "2020-04-08T00:00:00",
"db": "ZDI",
"id": "ZDI-20-427",
"ident": null
},
{
"date": "2020-04-08T00:00:00",
"db": "ZDI",
"id": "ZDI-20-425",
"ident": null
},
{
"date": "2020-04-08T00:00:00",
"db": "ZDI",
"id": "ZDI-20-375",
"ident": null
},
{
"date": "2020-04-08T00:00:00",
"db": "ZDI",
"id": "ZDI-20-445",
"ident": null
},
{
"date": "2020-04-08T00:00:00",
"db": "ZDI",
"id": "ZDI-20-415",
"ident": null
},
{
"date": "2020-04-08T00:00:00",
"db": "ZDI",
"id": "ZDI-20-437",
"ident": null
},
{
"date": "2020-04-08T00:00:00",
"db": "ZDI",
"id": "ZDI-20-377",
"ident": null
},
{
"date": "2020-04-08T00:00:00",
"db": "ZDI",
"id": "ZDI-20-435",
"ident": null
},
{
"date": "2020-04-08T00:00:00",
"db": "ZDI",
"id": "ZDI-20-407",
"ident": null
},
{
"date": "2020-04-08T00:00:00",
"db": "ZDI",
"id": "ZDI-20-417",
"ident": null
},
{
"date": "2020-04-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-397",
"ident": null
},
{
"date": "2024-11-21T04:55:42.477000",
"db": "NVD",
"id": "CVE-2020-10617",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-397"
}
],
"trust": 0.6
},
"title": {
"_id": null,
"data": "Advantech WebAccess/NMS DBUtil SQL Injection Information Disclosure Vulnerability",
"sources": [
{
"db": "ZDI",
"id": "ZDI-20-438"
},
{
"db": "ZDI",
"id": "ZDI-20-439"
},
{
"db": "ZDI",
"id": "ZDI-20-395"
},
{
"db": "ZDI",
"id": "ZDI-20-416"
},
{
"db": "ZDI",
"id": "ZDI-20-442"
},
{
"db": "ZDI",
"id": "ZDI-20-427"
},
{
"db": "ZDI",
"id": "ZDI-20-425"
},
{
"db": "ZDI",
"id": "ZDI-20-415"
},
{
"db": "ZDI",
"id": "ZDI-20-437"
},
{
"db": "ZDI",
"id": "ZDI-20-435"
},
{
"db": "ZDI",
"id": "ZDI-20-407"
},
{
"db": "ZDI",
"id": "ZDI-20-417"
}
],
"trust": 8.4
},
"type": {
"_id": null,
"data": "SQL injection",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-397"
}
],
"trust": 0.6
}
}
VAR-202004-0079
Vulnerability from variot - Updated: 2024-11-23 21:59Multiple issues exist that allow files to be uploaded and executed on the WebAccess/NMS (versions prior to 3.0.2). WebAccess/NMS Exists in a vulnerability related to unlimited upload of dangerous types of files.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess/NMS. Authentication is not required to exploit this vulnerability.The specific flaw exists within the processing of calls to the saveBackground.action endpoint. When parsing the filename element, the process does not properly validate user-supplied data, which can allow the upload of arbitrary files. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Advantech WebAccess/NMS is a set of Web browser-based Network Management System (NMS) software package developed by China Taiwan Advantech Corporation. A code issue vulnerability exists in versions prior to Advantech WebAccess/NMS 3.0.2
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "webaccess/nms",
"scope": null,
"trust": 7.7,
"vendor": "advantech",
"version": null
},
{
"_id": null,
"model": "webaccess\\/nms",
"scope": "lt",
"trust": 1.0,
"vendor": "advantech",
"version": "3.0.2"
},
{
"_id": null,
"model": "webaccess/nms",
"scope": "eq",
"trust": 0.8,
"vendor": "advantech",
"version": "3.0.2"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-20-385"
},
{
"db": "ZDI",
"id": "ZDI-20-387"
},
{
"db": "ZDI",
"id": "ZDI-20-389"
},
{
"db": "ZDI",
"id": "ZDI-20-386"
},
{
"db": "ZDI",
"id": "ZDI-20-405"
},
{
"db": "ZDI",
"id": "ZDI-20-406"
},
{
"db": "ZDI",
"id": "ZDI-20-383"
},
{
"db": "ZDI",
"id": "ZDI-20-373"
},
{
"db": "ZDI",
"id": "ZDI-20-397"
},
{
"db": "ZDI",
"id": "ZDI-20-400"
},
{
"db": "ZDI",
"id": "ZDI-20-402"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003816"
},
{
"db": "NVD",
"id": "CVE-2020-10621"
}
]
},
"configurations": {
"_id": null,
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:advantech:webaccess%2fnms",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-003816"
}
]
},
"credits": {
"_id": null,
"data": "rgod of 9sg",
"sources": [
{
"db": "ZDI",
"id": "ZDI-20-385"
},
{
"db": "ZDI",
"id": "ZDI-20-387"
},
{
"db": "ZDI",
"id": "ZDI-20-389"
},
{
"db": "ZDI",
"id": "ZDI-20-386"
},
{
"db": "ZDI",
"id": "ZDI-20-405"
},
{
"db": "ZDI",
"id": "ZDI-20-406"
},
{
"db": "ZDI",
"id": "ZDI-20-383"
},
{
"db": "ZDI",
"id": "ZDI-20-373"
},
{
"db": "ZDI",
"id": "ZDI-20-397"
},
{
"db": "ZDI",
"id": "ZDI-20-400"
},
{
"db": "ZDI",
"id": "ZDI-20-402"
}
],
"trust": 7.7
},
"cve": "CVE-2020-10621",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2020-10621",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "JVNDB-2020-003816",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-163118",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "ZDI",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2020-10621",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 7.7,
"userInteraction": "NONE",
"vectorString": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2020-10621",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2020-003816",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "ZDI",
"id": "CVE-2020-10621",
"trust": 7.7,
"value": "CRITICAL"
},
{
"author": "nvd@nist.gov",
"id": "CVE-2020-10621",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "JVNDB-2020-003816",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNNVD",
"id": "CNNVD-202004-403",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-163118",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-20-385"
},
{
"db": "ZDI",
"id": "ZDI-20-387"
},
{
"db": "ZDI",
"id": "ZDI-20-389"
},
{
"db": "ZDI",
"id": "ZDI-20-386"
},
{
"db": "ZDI",
"id": "ZDI-20-405"
},
{
"db": "ZDI",
"id": "ZDI-20-406"
},
{
"db": "ZDI",
"id": "ZDI-20-383"
},
{
"db": "ZDI",
"id": "ZDI-20-373"
},
{
"db": "ZDI",
"id": "ZDI-20-397"
},
{
"db": "ZDI",
"id": "ZDI-20-400"
},
{
"db": "ZDI",
"id": "ZDI-20-402"
},
{
"db": "VULHUB",
"id": "VHN-163118"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003816"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-403"
},
{
"db": "NVD",
"id": "CVE-2020-10621"
}
]
},
"description": {
"_id": null,
"data": "Multiple issues exist that allow files to be uploaded and executed on the WebAccess/NMS (versions prior to 3.0.2). WebAccess/NMS Exists in a vulnerability related to unlimited upload of dangerous types of files.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess/NMS. Authentication is not required to exploit this vulnerability.The specific flaw exists within the processing of calls to the saveBackground.action endpoint. When parsing the filename element, the process does not properly validate user-supplied data, which can allow the upload of arbitrary files. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Advantech WebAccess/NMS is a set of Web browser-based Network Management System (NMS) software package developed by China Taiwan Advantech Corporation. A code issue vulnerability exists in versions prior to Advantech WebAccess/NMS 3.0.2",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-10621"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003816"
},
{
"db": "ZDI",
"id": "ZDI-20-385"
},
{
"db": "ZDI",
"id": "ZDI-20-387"
},
{
"db": "ZDI",
"id": "ZDI-20-389"
},
{
"db": "ZDI",
"id": "ZDI-20-386"
},
{
"db": "ZDI",
"id": "ZDI-20-405"
},
{
"db": "ZDI",
"id": "ZDI-20-406"
},
{
"db": "ZDI",
"id": "ZDI-20-383"
},
{
"db": "ZDI",
"id": "ZDI-20-373"
},
{
"db": "ZDI",
"id": "ZDI-20-397"
},
{
"db": "ZDI",
"id": "ZDI-20-400"
},
{
"db": "ZDI",
"id": "ZDI-20-402"
},
{
"db": "VULHUB",
"id": "VHN-163118"
}
],
"trust": 8.64
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2020-10621",
"trust": 10.2
},
{
"db": "ICS CERT",
"id": "ICSA-20-098-01",
"trust": 2.5
},
{
"db": "ZDI",
"id": "ZDI-20-406",
"trust": 1.3
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003816",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-9578",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-20-385",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-9580",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-20-387",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-9582",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-20-389",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-9579",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-20-386",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-9692",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-20-405",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-9693",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-9576",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-20-383",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-9566",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-20-373",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-9602",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-20-397",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-9614",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-20-400",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-9627",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-20-402",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-202004-403",
"trust": 0.7
},
{
"db": "NSFOCUS",
"id": "46347",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.1251",
"trust": 0.6
},
{
"db": "CNVD",
"id": "CNVD-2020-22317",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-163118",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-20-385"
},
{
"db": "ZDI",
"id": "ZDI-20-387"
},
{
"db": "ZDI",
"id": "ZDI-20-389"
},
{
"db": "ZDI",
"id": "ZDI-20-386"
},
{
"db": "ZDI",
"id": "ZDI-20-405"
},
{
"db": "ZDI",
"id": "ZDI-20-406"
},
{
"db": "ZDI",
"id": "ZDI-20-383"
},
{
"db": "ZDI",
"id": "ZDI-20-373"
},
{
"db": "ZDI",
"id": "ZDI-20-397"
},
{
"db": "ZDI",
"id": "ZDI-20-400"
},
{
"db": "ZDI",
"id": "ZDI-20-402"
},
{
"db": "VULHUB",
"id": "VHN-163118"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003816"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-403"
},
{
"db": "NVD",
"id": "CVE-2020-10621"
}
]
},
"id": "VAR-202004-0079",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-163118"
}
],
"trust": 0.636888
},
"last_update_date": "2024-11-23T21:59:22.414000Z",
"patch": {
"_id": null,
"data": [
{
"title": "Advantech has issued an update to correct this vulnerability.",
"trust": 7.7,
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-098-01"
},
{
"title": "Advantech WebAccess",
"trust": 0.8,
"url": "https://www.advantech.co.jp/industrial-automation/webaccess"
},
{
"title": "Advantech WebAccess/NMS Fixes for code issue vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=115619"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-20-385"
},
{
"db": "ZDI",
"id": "ZDI-20-387"
},
{
"db": "ZDI",
"id": "ZDI-20-389"
},
{
"db": "ZDI",
"id": "ZDI-20-386"
},
{
"db": "ZDI",
"id": "ZDI-20-405"
},
{
"db": "ZDI",
"id": "ZDI-20-406"
},
{
"db": "ZDI",
"id": "ZDI-20-383"
},
{
"db": "ZDI",
"id": "ZDI-20-373"
},
{
"db": "ZDI",
"id": "ZDI-20-397"
},
{
"db": "ZDI",
"id": "ZDI-20-400"
},
{
"db": "ZDI",
"id": "ZDI-20-402"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003816"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-403"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-434",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-163118"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003816"
},
{
"db": "NVD",
"id": "CVE-2020-10621"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 10.2,
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-098-01"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-10621"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-10621"
},
{
"trust": 0.6,
"url": "https://www.zerodayinitiative.com/advisories/zdi-20-406/"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/46347"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.1251/"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-20-385"
},
{
"db": "ZDI",
"id": "ZDI-20-387"
},
{
"db": "ZDI",
"id": "ZDI-20-389"
},
{
"db": "ZDI",
"id": "ZDI-20-386"
},
{
"db": "ZDI",
"id": "ZDI-20-405"
},
{
"db": "ZDI",
"id": "ZDI-20-406"
},
{
"db": "ZDI",
"id": "ZDI-20-383"
},
{
"db": "ZDI",
"id": "ZDI-20-373"
},
{
"db": "ZDI",
"id": "ZDI-20-397"
},
{
"db": "ZDI",
"id": "ZDI-20-400"
},
{
"db": "ZDI",
"id": "ZDI-20-402"
},
{
"db": "VULHUB",
"id": "VHN-163118"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003816"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-403"
},
{
"db": "NVD",
"id": "CVE-2020-10621"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "ZDI",
"id": "ZDI-20-385",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-20-387",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-20-389",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-20-386",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-20-405",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-20-406",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-20-383",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-20-373",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-20-397",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-20-400",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-20-402",
"ident": null
},
{
"db": "VULHUB",
"id": "VHN-163118",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003816",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-202004-403",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2020-10621",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2020-04-08T00:00:00",
"db": "ZDI",
"id": "ZDI-20-385",
"ident": null
},
{
"date": "2020-04-08T00:00:00",
"db": "ZDI",
"id": "ZDI-20-387",
"ident": null
},
{
"date": "2020-04-08T00:00:00",
"db": "ZDI",
"id": "ZDI-20-389",
"ident": null
},
{
"date": "2020-04-08T00:00:00",
"db": "ZDI",
"id": "ZDI-20-386",
"ident": null
},
{
"date": "2020-04-08T00:00:00",
"db": "ZDI",
"id": "ZDI-20-405",
"ident": null
},
{
"date": "2020-04-08T00:00:00",
"db": "ZDI",
"id": "ZDI-20-406",
"ident": null
},
{
"date": "2020-04-08T00:00:00",
"db": "ZDI",
"id": "ZDI-20-383",
"ident": null
},
{
"date": "2020-04-08T00:00:00",
"db": "ZDI",
"id": "ZDI-20-373",
"ident": null
},
{
"date": "2020-04-08T00:00:00",
"db": "ZDI",
"id": "ZDI-20-397",
"ident": null
},
{
"date": "2020-04-08T00:00:00",
"db": "ZDI",
"id": "ZDI-20-400",
"ident": null
},
{
"date": "2020-04-08T00:00:00",
"db": "ZDI",
"id": "ZDI-20-402",
"ident": null
},
{
"date": "2020-04-09T00:00:00",
"db": "VULHUB",
"id": "VHN-163118",
"ident": null
},
{
"date": "2020-04-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-003816",
"ident": null
},
{
"date": "2020-04-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-403",
"ident": null
},
{
"date": "2020-04-09T13:15:12.623000",
"db": "NVD",
"id": "CVE-2020-10621",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2020-04-08T00:00:00",
"db": "ZDI",
"id": "ZDI-20-385",
"ident": null
},
{
"date": "2020-04-08T00:00:00",
"db": "ZDI",
"id": "ZDI-20-387",
"ident": null
},
{
"date": "2020-04-08T00:00:00",
"db": "ZDI",
"id": "ZDI-20-389",
"ident": null
},
{
"date": "2020-04-08T00:00:00",
"db": "ZDI",
"id": "ZDI-20-386",
"ident": null
},
{
"date": "2020-04-08T00:00:00",
"db": "ZDI",
"id": "ZDI-20-405",
"ident": null
},
{
"date": "2020-04-08T00:00:00",
"db": "ZDI",
"id": "ZDI-20-406",
"ident": null
},
{
"date": "2020-04-08T00:00:00",
"db": "ZDI",
"id": "ZDI-20-383",
"ident": null
},
{
"date": "2020-04-08T00:00:00",
"db": "ZDI",
"id": "ZDI-20-373",
"ident": null
},
{
"date": "2020-04-08T00:00:00",
"db": "ZDI",
"id": "ZDI-20-397",
"ident": null
},
{
"date": "2020-04-08T00:00:00",
"db": "ZDI",
"id": "ZDI-20-400",
"ident": null
},
{
"date": "2020-04-08T00:00:00",
"db": "ZDI",
"id": "ZDI-20-402",
"ident": null
},
{
"date": "2020-04-10T00:00:00",
"db": "VULHUB",
"id": "VHN-163118",
"ident": null
},
{
"date": "2020-04-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-003816",
"ident": null
},
{
"date": "2020-04-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-403",
"ident": null
},
{
"date": "2024-11-21T04:55:42.923000",
"db": "NVD",
"id": "CVE-2020-10621",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-403"
}
],
"trust": 0.6
},
"title": {
"_id": null,
"data": "Advantech WebAccess/NMS extProgramAction Unrestricted File Upload Remote Code Execution Vulnerability",
"sources": [
{
"db": "ZDI",
"id": "ZDI-20-387"
},
{
"db": "ZDI",
"id": "ZDI-20-386"
}
],
"trust": 1.4
},
"type": {
"_id": null,
"data": "code problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-403"
}
],
"trust": 0.6
}
}
VAR-202004-0080
Vulnerability from variot - Updated: 2024-11-23 21:59Multiple vulnerabilities could allow an attacker with low privileges to perform SQL injection on WebAccess/NMS (versions prior to 3.0.2) to gain access to sensitive information. WebAccess/NMS To SQL An injection vulnerability exists.Information may be obtained. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Advantech WebAccess/NMS. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.The specific flaw exists within the processing of calls to the getSyslogUiList method of the DBUtil class. When parsing the severity, facility, deviceName, deviceIP, dateFrom, and dateTo parameters of the SyslogFuzzySearch endpoint, the process does not properly validate a user-supplied string before using it to construct SQL queries. An attacker can leverage this vulnerability to disclose file contents in the context of SYSTEM. Advantech WebAccess/NMS is a set of Web browser-based Network Management System (NMS) software package developed by China Taiwan Advantech Corporation
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "webaccess/nms",
"scope": null,
"trust": 2.1,
"vendor": "advantech",
"version": null
},
{
"_id": null,
"model": "webaccess\\/nms",
"scope": "lt",
"trust": 1.0,
"vendor": "advantech",
"version": "3.0.2"
},
{
"_id": null,
"model": "webaccess/nms",
"scope": "eq",
"trust": 0.8,
"vendor": "advantech",
"version": "3.0.2"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-20-421"
},
{
"db": "ZDI",
"id": "ZDI-20-413"
},
{
"db": "ZDI",
"id": "ZDI-20-420"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003803"
},
{
"db": "NVD",
"id": "CVE-2020-10623"
}
]
},
"configurations": {
"_id": null,
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:advantech:webaccess%2fnms",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-003803"
}
]
},
"credits": {
"_id": null,
"data": "rgod of 9sg",
"sources": [
{
"db": "ZDI",
"id": "ZDI-20-421"
},
{
"db": "ZDI",
"id": "ZDI-20-420"
}
],
"trust": 1.4
},
"cve": "CVE-2020-10623",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "CVE-2020-10623",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.0,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2020-003803",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "VHN-163120",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:S/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "ZDI",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2020-10623",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 2.1,
"userInteraction": "NONE",
"vectorString": "AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2020-10623",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 6.5,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2020-003803",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "ZDI",
"id": "CVE-2020-10623",
"trust": 2.1,
"value": "MEDIUM"
},
{
"author": "nvd@nist.gov",
"id": "CVE-2020-10623",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "JVNDB-2020-003803",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-202004-394",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-163120",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-20-421"
},
{
"db": "ZDI",
"id": "ZDI-20-413"
},
{
"db": "ZDI",
"id": "ZDI-20-420"
},
{
"db": "VULHUB",
"id": "VHN-163120"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003803"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-394"
},
{
"db": "NVD",
"id": "CVE-2020-10623"
}
]
},
"description": {
"_id": null,
"data": "Multiple vulnerabilities could allow an attacker with low privileges to perform SQL injection on WebAccess/NMS (versions prior to 3.0.2) to gain access to sensitive information. WebAccess/NMS To SQL An injection vulnerability exists.Information may be obtained. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Advantech WebAccess/NMS. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.The specific flaw exists within the processing of calls to the getSyslogUiList method of the DBUtil class. When parsing the severity, facility, deviceName, deviceIP, dateFrom, and dateTo parameters of the SyslogFuzzySearch endpoint, the process does not properly validate a user-supplied string before using it to construct SQL queries. An attacker can leverage this vulnerability to disclose file contents in the context of SYSTEM. Advantech WebAccess/NMS is a set of Web browser-based Network Management System (NMS) software package developed by China Taiwan Advantech Corporation",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-10623"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003803"
},
{
"db": "ZDI",
"id": "ZDI-20-421"
},
{
"db": "ZDI",
"id": "ZDI-20-413"
},
{
"db": "ZDI",
"id": "ZDI-20-420"
},
{
"db": "VULHUB",
"id": "VHN-163120"
}
],
"trust": 3.6
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2020-10623",
"trust": 4.6
},
{
"db": "ICS CERT",
"id": "ICSA-20-098-01",
"trust": 2.5
},
{
"db": "ZDI",
"id": "ZDI-20-421",
"trust": 1.3
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003803",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-9800",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-9764",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-20-413",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-9799",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-20-420",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-202004-394",
"trust": 0.7
},
{
"db": "AUSCERT",
"id": "ESB-2020.1251",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "46348",
"trust": 0.6
},
{
"db": "CNVD",
"id": "CNVD-2020-22315",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-163120",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-20-421"
},
{
"db": "ZDI",
"id": "ZDI-20-413"
},
{
"db": "ZDI",
"id": "ZDI-20-420"
},
{
"db": "VULHUB",
"id": "VHN-163120"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003803"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-394"
},
{
"db": "NVD",
"id": "CVE-2020-10623"
}
]
},
"id": "VAR-202004-0080",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-163120"
}
],
"trust": 0.636888
},
"last_update_date": "2024-11-23T21:59:22.260000Z",
"patch": {
"_id": null,
"data": [
{
"title": "Advantech has issued an update to correct this vulnerability.",
"trust": 2.1,
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-098-01"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "https://www.advantech.com/"
},
{
"title": "Advantech WebAccess/NMS SQL Repair measures for injecting vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=113474"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-20-421"
},
{
"db": "ZDI",
"id": "ZDI-20-413"
},
{
"db": "ZDI",
"id": "ZDI-20-420"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003803"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-394"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-89",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-163120"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003803"
},
{
"db": "NVD",
"id": "CVE-2020-10623"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 4.6,
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-098-01"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-10623"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-10623"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/46348"
},
{
"trust": 0.6,
"url": "https://www.zerodayinitiative.com/advisories/zdi-20-421/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.1251/"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-20-421"
},
{
"db": "ZDI",
"id": "ZDI-20-413"
},
{
"db": "ZDI",
"id": "ZDI-20-420"
},
{
"db": "VULHUB",
"id": "VHN-163120"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003803"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-394"
},
{
"db": "NVD",
"id": "CVE-2020-10623"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "ZDI",
"id": "ZDI-20-421",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-20-413",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-20-420",
"ident": null
},
{
"db": "VULHUB",
"id": "VHN-163120",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003803",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-202004-394",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2020-10623",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2020-04-08T00:00:00",
"db": "ZDI",
"id": "ZDI-20-421",
"ident": null
},
{
"date": "2020-04-08T00:00:00",
"db": "ZDI",
"id": "ZDI-20-413",
"ident": null
},
{
"date": "2020-04-08T00:00:00",
"db": "ZDI",
"id": "ZDI-20-420",
"ident": null
},
{
"date": "2020-04-09T00:00:00",
"db": "VULHUB",
"id": "VHN-163120",
"ident": null
},
{
"date": "2020-04-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-003803",
"ident": null
},
{
"date": "2020-04-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-394",
"ident": null
},
{
"date": "2020-04-09T14:15:12.637000",
"db": "NVD",
"id": "CVE-2020-10623",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2020-04-08T00:00:00",
"db": "ZDI",
"id": "ZDI-20-421",
"ident": null
},
{
"date": "2020-04-08T00:00:00",
"db": "ZDI",
"id": "ZDI-20-413",
"ident": null
},
{
"date": "2020-04-08T00:00:00",
"db": "ZDI",
"id": "ZDI-20-420",
"ident": null
},
{
"date": "2020-04-10T00:00:00",
"db": "VULHUB",
"id": "VHN-163120",
"ident": null
},
{
"date": "2020-04-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-003803",
"ident": null
},
{
"date": "2020-04-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-394",
"ident": null
},
{
"date": "2024-11-21T04:55:43.157000",
"db": "NVD",
"id": "CVE-2020-10623",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-394"
}
],
"trust": 0.6
},
"title": {
"_id": null,
"data": "WebAccess/NMS In SQL Injection vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-003803"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "SQL injection",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-394"
}
],
"trust": 0.6
}
}
VAR-202004-0067
Vulnerability from variot - Updated: 2024-11-23 21:59WebAccess/NMS (versions prior to 3.0.2) does not properly sanitize user input and may allow an attacker to inject system commands remotely. WebAccess/NMS To OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess/NMS. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.The specific flaw exists within the processing of calls to the ManualDBBackup endpoint. When parsing the filenamebknow parameter, the process does not properly validate a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Advantech WebAccess/NMS is a set of Web browser-based Network Management System (NMS) software package developed by China Taiwan Advantech Corporation. There is an operating system command injection vulnerability in Advantech WebAccess/NMS versions before 3.0.2. The vulnerability is caused by the program not sanitizing user input
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "webaccess\\/nms",
"scope": "lt",
"trust": 1.0,
"vendor": "advantech",
"version": "3.0.2"
},
{
"_id": null,
"model": "webaccess/nms",
"scope": "eq",
"trust": 0.8,
"vendor": "advantech",
"version": "3.0.2"
},
{
"_id": null,
"model": "webaccess/nms",
"scope": null,
"trust": 0.7,
"vendor": "advantech",
"version": null
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-20-444"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003821"
},
{
"db": "NVD",
"id": "CVE-2020-10603"
}
]
},
"configurations": {
"_id": null,
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:advantech:webaccess%2fnms",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-003821"
}
]
},
"credits": {
"_id": null,
"data": "rgod of 9sg",
"sources": [
{
"db": "ZDI",
"id": "ZDI-20-444"
}
],
"trust": 0.7
},
"cve": "CVE-2020-10603",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "CVE-2020-10603",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 6.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2020-003821",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "VHN-163098",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:S/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2020-10603",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2020-003821",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "ZDI",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2020-10603",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 0.7,
"userInteraction": "NONE",
"vectorString": "AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2020-10603",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "JVNDB-2020-003821",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2020-10603",
"trust": 0.7,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202004-380",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-163098",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-20-444"
},
{
"db": "VULHUB",
"id": "VHN-163098"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003821"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-380"
},
{
"db": "NVD",
"id": "CVE-2020-10603"
}
]
},
"description": {
"_id": null,
"data": "WebAccess/NMS (versions prior to 3.0.2) does not properly sanitize user input and may allow an attacker to inject system commands remotely. WebAccess/NMS To OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess/NMS. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.The specific flaw exists within the processing of calls to the ManualDBBackup endpoint. When parsing the filenamebknow parameter, the process does not properly validate a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Advantech WebAccess/NMS is a set of Web browser-based Network Management System (NMS) software package developed by China Taiwan Advantech Corporation. There is an operating system command injection vulnerability in Advantech WebAccess/NMS versions before 3.0.2. The vulnerability is caused by the program not sanitizing user input",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-10603"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003821"
},
{
"db": "ZDI",
"id": "ZDI-20-444"
},
{
"db": "VULHUB",
"id": "VHN-163098"
}
],
"trust": 2.34
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2020-10603",
"trust": 3.2
},
{
"db": "ICS CERT",
"id": "ICSA-20-098-01",
"trust": 2.5
},
{
"db": "ZDI",
"id": "ZDI-20-444",
"trust": 1.3
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003821",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-9826",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-202004-380",
"trust": 0.7
},
{
"db": "AUSCERT",
"id": "ESB-2020.1251",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "46344",
"trust": 0.6
},
{
"db": "CNVD",
"id": "CNVD-2020-22310",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-163098",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-20-444"
},
{
"db": "VULHUB",
"id": "VHN-163098"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003821"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-380"
},
{
"db": "NVD",
"id": "CVE-2020-10603"
}
]
},
"id": "VAR-202004-0067",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-163098"
}
],
"trust": 0.636888
},
"last_update_date": "2024-11-23T21:59:22.225000Z",
"patch": {
"_id": null,
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "https://www.advantech.com/"
},
{
"title": "Advantech has issued an update to correct this vulnerability.",
"trust": 0.7,
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-098-01"
},
{
"title": "Advantech WebAccess/NMS Fixes for operating system command injection vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=115600"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-20-444"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003821"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-380"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-78",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-163098"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003821"
},
{
"db": "NVD",
"id": "CVE-2020-10603"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 3.2,
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-098-01"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-10603"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-10603"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/46344"
},
{
"trust": 0.6,
"url": "https://www.zerodayinitiative.com/advisories/zdi-20-444/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.1251/"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-20-444"
},
{
"db": "VULHUB",
"id": "VHN-163098"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003821"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-380"
},
{
"db": "NVD",
"id": "CVE-2020-10603"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "ZDI",
"id": "ZDI-20-444",
"ident": null
},
{
"db": "VULHUB",
"id": "VHN-163098",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003821",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-202004-380",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2020-10603",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2020-04-08T00:00:00",
"db": "ZDI",
"id": "ZDI-20-444",
"ident": null
},
{
"date": "2020-04-09T00:00:00",
"db": "VULHUB",
"id": "VHN-163098",
"ident": null
},
{
"date": "2020-04-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-003821",
"ident": null
},
{
"date": "2020-04-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-380",
"ident": null
},
{
"date": "2020-04-09T14:15:12.463000",
"db": "NVD",
"id": "CVE-2020-10603",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2020-04-08T00:00:00",
"db": "ZDI",
"id": "ZDI-20-444",
"ident": null
},
{
"date": "2020-04-10T00:00:00",
"db": "VULHUB",
"id": "VHN-163098",
"ident": null
},
{
"date": "2020-04-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-003821",
"ident": null
},
{
"date": "2020-04-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-380",
"ident": null
},
{
"date": "2024-11-21T04:55:40.890000",
"db": "NVD",
"id": "CVE-2020-10603",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-380"
}
],
"trust": 0.6
},
"title": {
"_id": null,
"data": "WebAccess/NMS In OS Command injection vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-003821"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "operating system commend injection",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-380"
}
],
"trust": 0.6
}
}
VAR-202004-0078
Vulnerability from variot - Updated: 2024-11-23 21:59An attacker could use a specially crafted URL to delete files outside the WebAccess/NMS's (versions prior to 3.0.2) control. WebAccess/NMS Exists in a past traversal vulnerability.Information is tampered with and service operation is interrupted (DoS) It may be put into a state. This vulnerability allows remote attackers to delete arbitary files on affected installations of Advantech WebAccess/NMS. Authentication is not required to exploit this vulnerability.The specific flaw exists within the processing of calls to the saveBackground.action endpoint. When parsing the oldImage parameter, the process does not properly validate a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. Advantech WebAccess/NMS is a set of Web browser-based Network Management System (NMS) software package developed by China Taiwan Advantech Corporation. There is a path traversal vulnerability in versions prior to Advantech WebAccess/NMS 3.0.2
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202004-0078",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "webaccess\\/nms",
"scope": "lt",
"trust": 1.0,
"vendor": "advantech",
"version": "3.0.2"
},
{
"model": "webaccess/nms",
"scope": "eq",
"trust": 0.8,
"vendor": "advantech",
"version": "3.0.2"
},
{
"model": "webaccess/nms",
"scope": null,
"trust": 0.7,
"vendor": "advantech",
"version": null
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-20-379"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003802"
},
{
"db": "NVD",
"id": "CVE-2020-10619"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:advantech:webaccess%2fnms",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-003802"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "rgod of 9sg",
"sources": [
{
"db": "ZDI",
"id": "ZDI-20-379"
}
],
"trust": 0.7
},
"cve": "CVE-2020-10619",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2020-10619",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 6.4,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2020-003802",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-163115",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2020-10619",
"impactScore": 5.2,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.1,
"baseSeverity": "Critical",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2020-003802",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "ZDI",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2020-10619",
"impactScore": 4.2,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 0.7,
"userInteraction": "NONE",
"vectorString": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2020-10619",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "JVNDB-2020-003802",
"trust": 0.8,
"value": "Critical"
},
{
"author": "ZDI",
"id": "CVE-2020-10619",
"trust": 0.7,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202004-391",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-163115",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-20-379"
},
{
"db": "VULHUB",
"id": "VHN-163115"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003802"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-391"
},
{
"db": "NVD",
"id": "CVE-2020-10619"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An attacker could use a specially crafted URL to delete files outside the WebAccess/NMS\u0027s (versions prior to 3.0.2) control. WebAccess/NMS Exists in a past traversal vulnerability.Information is tampered with and service operation is interrupted (DoS) It may be put into a state. This vulnerability allows remote attackers to delete arbitary files on affected installations of Advantech WebAccess/NMS. Authentication is not required to exploit this vulnerability.The specific flaw exists within the processing of calls to the saveBackground.action endpoint. When parsing the oldImage parameter, the process does not properly validate a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. Advantech WebAccess/NMS is a set of Web browser-based Network Management System (NMS) software package developed by China Taiwan Advantech Corporation. There is a path traversal vulnerability in versions prior to Advantech WebAccess/NMS 3.0.2",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-10619"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003802"
},
{
"db": "ZDI",
"id": "ZDI-20-379"
},
{
"db": "VULHUB",
"id": "VHN-163115"
}
],
"trust": 2.34
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-10619",
"trust": 3.2
},
{
"db": "ICS CERT",
"id": "ICSA-20-098-01",
"trust": 2.5
},
{
"db": "ZDI",
"id": "ZDI-20-379",
"trust": 1.3
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003802",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-9572",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-202004-391",
"trust": 0.7
},
{
"db": "NSFOCUS",
"id": "46350",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.1251",
"trust": 0.6
},
{
"db": "CNVD",
"id": "CNVD-2020-22314",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-163115",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-20-379"
},
{
"db": "VULHUB",
"id": "VHN-163115"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003802"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-391"
},
{
"db": "NVD",
"id": "CVE-2020-10619"
}
]
},
"id": "VAR-202004-0078",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-163115"
}
],
"trust": 0.636888
},
"last_update_date": "2024-11-23T21:59:22.192000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "https://www.advantech.com/"
},
{
"title": "Advantech has issued an update to correct this vulnerability.",
"trust": 0.7,
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-098-01"
},
{
"title": "Advantech WebAccess/NMS Repair measures for path traversal vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=115610"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-20-379"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003802"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-391"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-22",
"trust": 1.9
},
{
"problemtype": "CWE-23",
"trust": 1.0
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-163115"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003802"
},
{
"db": "NVD",
"id": "CVE-2020-10619"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.2,
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-098-01"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-10619"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-10619"
},
{
"trust": 0.6,
"url": "https://www.zerodayinitiative.com/advisories/zdi-20-379/"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/46350"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.1251/"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-20-379"
},
{
"db": "VULHUB",
"id": "VHN-163115"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003802"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-391"
},
{
"db": "NVD",
"id": "CVE-2020-10619"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-20-379"
},
{
"db": "VULHUB",
"id": "VHN-163115"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003802"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-391"
},
{
"db": "NVD",
"id": "CVE-2020-10619"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-04-08T00:00:00",
"db": "ZDI",
"id": "ZDI-20-379"
},
{
"date": "2020-04-09T00:00:00",
"db": "VULHUB",
"id": "VHN-163115"
},
{
"date": "2020-04-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-003802"
},
{
"date": "2020-04-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-391"
},
{
"date": "2020-04-09T14:15:12.573000",
"db": "NVD",
"id": "CVE-2020-10619"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-04-08T00:00:00",
"db": "ZDI",
"id": "ZDI-20-379"
},
{
"date": "2020-04-10T00:00:00",
"db": "VULHUB",
"id": "VHN-163115"
},
{
"date": "2020-04-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-003802"
},
{
"date": "2020-04-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-391"
},
{
"date": "2024-11-21T04:55:42.703000",
"db": "NVD",
"id": "CVE-2020-10619"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-391"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "WebAccess/NMS Past Traversal Vulnerability in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-003802"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "path traversal",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-391"
}
],
"trust": 0.6
}
}
VAR-202004-0052
Vulnerability from variot - Updated: 2024-11-23 21:59WebAccess/NMS (versions prior to 3.0.2) does not sanitize XML input. Specially crafted XML input could allow an attacker to read sensitive files. WebAccess/NMS To XML There is a vulnerability in an external entity.Information may be obtained. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Advantech WebAccess/NMS. Authentication is not required to exploit this vulnerability.The specific flaw exists within the processing of calls to the MibbrowserMibbrowserTrapAddAction method. Due to the improper restriction of XML External Entity (XXE) references, a specially crafted document specifying a URI causes the XML parser to access the URI and embed the contents back into the XML document for further processing. An attacker can leverage this vulnerability to disclose file contents in the context of SYSTEM. Advantech WebAccess/NMS is a set of Web browser-based Network Management System (NMS) software package developed by China Taiwan Advantech Corporation. A code problem vulnerability exists in Advantech WebAccess/NMS versions prior to 3.0.2
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "webaccess\\/nms",
"scope": "lt",
"trust": 1.0,
"vendor": "advantech",
"version": "3.0.2"
},
{
"_id": null,
"model": "webaccess/nms",
"scope": "eq",
"trust": 0.8,
"vendor": "advantech",
"version": "3.0.2"
},
{
"_id": null,
"model": "webaccess/nms",
"scope": null,
"trust": 0.7,
"vendor": "advantech",
"version": null
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-20-382"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003805"
},
{
"db": "NVD",
"id": "CVE-2020-10629"
}
]
},
"configurations": {
"_id": null,
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:advantech:webaccess%2fnms",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-003805"
}
]
},
"credits": {
"_id": null,
"data": "rgod of 9sg",
"sources": [
{
"db": "ZDI",
"id": "ZDI-20-382"
}
],
"trust": 0.7
},
"cve": "CVE-2020-10629",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2020-10629",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.0,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2020-003805",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-163126",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2020-10629",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2020-003805",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "ZDI",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2020-10629",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 0.7,
"userInteraction": "NONE",
"vectorString": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2020-10629",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "JVNDB-2020-003805",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2020-10629",
"trust": 0.7,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202004-383",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-163126",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-20-382"
},
{
"db": "VULHUB",
"id": "VHN-163126"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003805"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-383"
},
{
"db": "NVD",
"id": "CVE-2020-10629"
}
]
},
"description": {
"_id": null,
"data": "WebAccess/NMS (versions prior to 3.0.2) does not sanitize XML input. Specially crafted XML input could allow an attacker to read sensitive files. WebAccess/NMS To XML There is a vulnerability in an external entity.Information may be obtained. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Advantech WebAccess/NMS. Authentication is not required to exploit this vulnerability.The specific flaw exists within the processing of calls to the MibbrowserMibbrowserTrapAddAction method. Due to the improper restriction of XML External Entity (XXE) references, a specially crafted document specifying a URI causes the XML parser to access the URI and embed the contents back into the XML document for further processing. An attacker can leverage this vulnerability to disclose file contents in the context of SYSTEM. Advantech WebAccess/NMS is a set of Web browser-based Network Management System (NMS) software package developed by China Taiwan Advantech Corporation. A code problem vulnerability exists in Advantech WebAccess/NMS versions prior to 3.0.2",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-10629"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003805"
},
{
"db": "ZDI",
"id": "ZDI-20-382"
},
{
"db": "VULHUB",
"id": "VHN-163126"
}
],
"trust": 2.34
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2020-10629",
"trust": 3.2
},
{
"db": "ICS CERT",
"id": "ICSA-20-098-01",
"trust": 2.5
},
{
"db": "ZDI",
"id": "ZDI-20-382",
"trust": 1.3
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003805",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-9575",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-202004-383",
"trust": 0.7
},
{
"db": "NSFOCUS",
"id": "46351",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.1251",
"trust": 0.6
},
{
"db": "CNVD",
"id": "CNVD-2020-22311",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-163126",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-20-382"
},
{
"db": "VULHUB",
"id": "VHN-163126"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003805"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-383"
},
{
"db": "NVD",
"id": "CVE-2020-10629"
}
]
},
"id": "VAR-202004-0052",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-163126"
}
],
"trust": 0.636888
},
"last_update_date": "2024-11-23T21:59:22.155000Z",
"patch": {
"_id": null,
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "https://www.advantech.com/"
},
{
"title": "Advantech has issued an update to correct this vulnerability.",
"trust": 0.7,
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-098-01"
},
{
"title": "Advantech WebAccess/NMS Fixes for code issue vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=115602"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-20-382"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003805"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-383"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-611",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-163126"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003805"
},
{
"db": "NVD",
"id": "CVE-2020-10629"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 3.2,
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-098-01"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-10629"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-10629"
},
{
"trust": 0.6,
"url": "https://www.zerodayinitiative.com/advisories/zdi-20-382/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.1251/"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/46351"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-20-382"
},
{
"db": "VULHUB",
"id": "VHN-163126"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003805"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-383"
},
{
"db": "NVD",
"id": "CVE-2020-10629"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "ZDI",
"id": "ZDI-20-382",
"ident": null
},
{
"db": "VULHUB",
"id": "VHN-163126",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003805",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-202004-383",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2020-10629",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2020-04-08T00:00:00",
"db": "ZDI",
"id": "ZDI-20-382",
"ident": null
},
{
"date": "2020-04-09T00:00:00",
"db": "VULHUB",
"id": "VHN-163126",
"ident": null
},
{
"date": "2020-04-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-003805",
"ident": null
},
{
"date": "2020-04-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-383",
"ident": null
},
{
"date": "2020-04-09T14:15:12.747000",
"db": "NVD",
"id": "CVE-2020-10629",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2020-04-08T00:00:00",
"db": "ZDI",
"id": "ZDI-20-382",
"ident": null
},
{
"date": "2020-04-10T00:00:00",
"db": "VULHUB",
"id": "VHN-163126",
"ident": null
},
{
"date": "2020-04-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-003805",
"ident": null
},
{
"date": "2020-04-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-383",
"ident": null
},
{
"date": "2024-11-21T04:55:43.903000",
"db": "NVD",
"id": "CVE-2020-10629",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-383"
}
],
"trust": 0.6
},
"title": {
"_id": null,
"data": "WebAccess/NMS In ML External entity vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-003805"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "code problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-383"
}
],
"trust": 0.6
}
}
VAR-202004-0053
Vulnerability from variot - Updated: 2024-11-23 21:59An attacker could use a specially crafted URL to delete or read files outside the WebAccess/NMS's (versions prior to 3.0.2) control. WebAccess/NMS Exists in a past traversal vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. This vulnerability allows remote attackers to disclose sensitive information and delete arbitrary files on affected installations of Advantech WebAccess/NMS. Authentication is not required to exploit this vulnerability.The specific flaw exists within the processing of calls to the download.jsp endpoint. When parsing the filename parameter, the process does not properly validate a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose files in the context of SYSTEM or to create a denial-of-service condition on the system. Advantech WebAccess/NMS is a set of Web browser-based Network Management System (NMS) software package developed by China Taiwan Advantech Corporation. There is a path traversal vulnerability in versions prior to Advantech WebAccess/NMS 3.0.2
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202004-0053",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "webaccess\\/nms",
"scope": "lt",
"trust": 1.0,
"vendor": "advantech",
"version": "3.0.2"
},
{
"model": "webaccess/nms",
"scope": "eq",
"trust": 0.8,
"vendor": "advantech",
"version": "3.0.2"
},
{
"model": "webaccess/nms",
"scope": null,
"trust": 0.7,
"vendor": "advantech",
"version": null
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-20-384"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003797"
},
{
"db": "NVD",
"id": "CVE-2020-10631"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:advantech:webaccess%2fnms",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-003797"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "rgod of 9sg",
"sources": [
{
"db": "ZDI",
"id": "ZDI-20-384"
}
],
"trust": 0.7
},
"cve": "CVE-2020-10631",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2020-10631",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 7.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2020-003797",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-163129",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2020-10631",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2020-003797",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "ZDI",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2020-10631",
"impactScore": 5.2,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 0.7,
"userInteraction": "NONE",
"vectorString": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2020-10631",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "JVNDB-2020-003797",
"trust": 0.8,
"value": "Critical"
},
{
"author": "ZDI",
"id": "CVE-2020-10631",
"trust": 0.7,
"value": "CRITICAL"
},
{
"author": "CNNVD",
"id": "CNNVD-202004-400",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-163129",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-20-384"
},
{
"db": "VULHUB",
"id": "VHN-163129"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003797"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-400"
},
{
"db": "NVD",
"id": "CVE-2020-10631"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An attacker could use a specially crafted URL to delete or read files outside the WebAccess/NMS\u0027s (versions prior to 3.0.2) control. WebAccess/NMS Exists in a past traversal vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. This vulnerability allows remote attackers to disclose sensitive information and delete arbitrary files on affected installations of Advantech WebAccess/NMS. Authentication is not required to exploit this vulnerability.The specific flaw exists within the processing of calls to the download.jsp endpoint. When parsing the filename parameter, the process does not properly validate a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose files in the context of SYSTEM or to create a denial-of-service condition on the system. Advantech WebAccess/NMS is a set of Web browser-based Network Management System (NMS) software package developed by China Taiwan Advantech Corporation. There is a path traversal vulnerability in versions prior to Advantech WebAccess/NMS 3.0.2",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-10631"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003797"
},
{
"db": "ZDI",
"id": "ZDI-20-384"
},
{
"db": "VULHUB",
"id": "VHN-163129"
}
],
"trust": 2.34
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-10631",
"trust": 3.2
},
{
"db": "ICS CERT",
"id": "ICSA-20-098-01",
"trust": 2.5
},
{
"db": "ZDI",
"id": "ZDI-20-384",
"trust": 1.3
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003797",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-9577",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-202004-400",
"trust": 0.7
},
{
"db": "AUSCERT",
"id": "ESB-2020.1251",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "46345",
"trust": 0.6
},
{
"db": "CNVD",
"id": "CNVD-2020-22313",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-163129",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-20-384"
},
{
"db": "VULHUB",
"id": "VHN-163129"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003797"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-400"
},
{
"db": "NVD",
"id": "CVE-2020-10631"
}
]
},
"id": "VAR-202004-0053",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-163129"
}
],
"trust": 0.636888
},
"last_update_date": "2024-11-23T21:59:22.124000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "https://www.advantech.com/"
},
{
"title": "Advantech has issued an update to correct this vulnerability.",
"trust": 0.7,
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-098-01"
},
{
"title": "Advantech WebAccess/NMS Repair measures for path traversal vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=113480"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-20-384"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003797"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-400"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-22",
"trust": 1.9
},
{
"problemtype": "CWE-23",
"trust": 1.0
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-163129"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003797"
},
{
"db": "NVD",
"id": "CVE-2020-10631"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.2,
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-098-01"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-10631"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-10631"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/46345"
},
{
"trust": 0.6,
"url": "https://www.zerodayinitiative.com/advisories/zdi-20-384/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.1251/"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-20-384"
},
{
"db": "VULHUB",
"id": "VHN-163129"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003797"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-400"
},
{
"db": "NVD",
"id": "CVE-2020-10631"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-20-384"
},
{
"db": "VULHUB",
"id": "VHN-163129"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003797"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-400"
},
{
"db": "NVD",
"id": "CVE-2020-10631"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-04-08T00:00:00",
"db": "ZDI",
"id": "ZDI-20-384"
},
{
"date": "2020-04-09T00:00:00",
"db": "VULHUB",
"id": "VHN-163129"
},
{
"date": "2020-04-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-003797"
},
{
"date": "2020-04-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-400"
},
{
"date": "2020-04-09T14:15:12.823000",
"db": "NVD",
"id": "CVE-2020-10631"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-04-08T00:00:00",
"db": "ZDI",
"id": "ZDI-20-384"
},
{
"date": "2020-04-10T00:00:00",
"db": "VULHUB",
"id": "VHN-163129"
},
{
"date": "2020-04-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-003797"
},
{
"date": "2020-04-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-400"
},
{
"date": "2024-11-21T04:55:44.147000",
"db": "NVD",
"id": "CVE-2020-10631"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-400"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "WebAccess/NMS Past Traversal Vulnerability in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-003797"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "path traversal",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-400"
}
],
"trust": 0.6
}
}
VAR-202004-0081
Vulnerability from variot - Updated: 2024-11-23 21:59WebAccess/NMS (versions prior to 3.0.2) allows an unauthenticated remote user to create a new admin account. WebAccess/NMS There is a vulnerability in the lack of authentication for critical features.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. This vulnerability allows remote attackers to bypass authentication on affected installations of Advantech WebAccess/NMS. Authentication is not required to exploit this vulnerability.The specific flaw exists within the processing of calls to the usersInputAction.action endpoint. Authentication is missing for the critical function of creating new administrator accounts. An attacker can leverage this vulnerability to create new accounts, leading to further compromise. Advantech WebAccess/NMS is a set of Web browser-based Network Management System (NMS) software package developed by China Taiwan Advantech Corporation. There is an access control error vulnerability in Advantech WebAccess/NMS versions prior to 3.0.2
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "webaccess\\/nms",
"scope": "lt",
"trust": 1.0,
"vendor": "advantech",
"version": "3.0.2"
},
{
"_id": null,
"model": "webaccess/nms",
"scope": "eq",
"trust": 0.8,
"vendor": "advantech",
"version": "3.0.2"
},
{
"_id": null,
"model": "webaccess/nms",
"scope": null,
"trust": 0.7,
"vendor": "advantech",
"version": null
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-20-414"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003804"
},
{
"db": "NVD",
"id": "CVE-2020-10625"
}
]
},
"configurations": {
"_id": null,
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:advantech:webaccess%2fnms",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-003804"
}
]
},
"credits": {
"_id": null,
"data": "rgod",
"sources": [
{
"db": "ZDI",
"id": "ZDI-20-414"
}
],
"trust": 0.7
},
"cve": "CVE-2020-10625",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2020-10625",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 7.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2020-003804",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-163122",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2020-10625",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2020-003804",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "ZDI",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2020-10625",
"impactScore": 3.6,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 0.7,
"userInteraction": "NONE",
"vectorString": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2020-10625",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "JVNDB-2020-003804",
"trust": 0.8,
"value": "Critical"
},
{
"author": "ZDI",
"id": "CVE-2020-10625",
"trust": 0.7,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202004-388",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-163122",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-20-414"
},
{
"db": "VULHUB",
"id": "VHN-163122"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003804"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-388"
},
{
"db": "NVD",
"id": "CVE-2020-10625"
}
]
},
"description": {
"_id": null,
"data": "WebAccess/NMS (versions prior to 3.0.2) allows an unauthenticated remote user to create a new admin account. WebAccess/NMS There is a vulnerability in the lack of authentication for critical features.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. This vulnerability allows remote attackers to bypass authentication on affected installations of Advantech WebAccess/NMS. Authentication is not required to exploit this vulnerability.The specific flaw exists within the processing of calls to the usersInputAction.action endpoint. Authentication is missing for the critical function of creating new administrator accounts. An attacker can leverage this vulnerability to create new accounts, leading to further compromise. Advantech WebAccess/NMS is a set of Web browser-based Network Management System (NMS) software package developed by China Taiwan Advantech Corporation. There is an access control error vulnerability in Advantech WebAccess/NMS versions prior to 3.0.2",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-10625"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003804"
},
{
"db": "ZDI",
"id": "ZDI-20-414"
},
{
"db": "VULHUB",
"id": "VHN-163122"
}
],
"trust": 2.34
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2020-10625",
"trust": 3.2
},
{
"db": "ICS CERT",
"id": "ICSA-20-098-01",
"trust": 2.5
},
{
"db": "ZDI",
"id": "ZDI-20-414",
"trust": 1.3
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003804",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-9769",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-202004-388",
"trust": 0.7
},
{
"db": "NSFOCUS",
"id": "46346",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.1251",
"trust": 0.6
},
{
"db": "CNVD",
"id": "CNVD-2020-22312",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-163122",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-20-414"
},
{
"db": "VULHUB",
"id": "VHN-163122"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003804"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-388"
},
{
"db": "NVD",
"id": "CVE-2020-10625"
}
]
},
"id": "VAR-202004-0081",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-163122"
}
],
"trust": 0.636888
},
"last_update_date": "2024-11-23T21:59:22.093000Z",
"patch": {
"_id": null,
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "https://www.advantech.com/"
},
{
"title": "Advantech has issued an update to correct this vulnerability.",
"trust": 0.7,
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-098-01"
},
{
"title": "Advantech WebAccess/NMS Fixes for access control error vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=115607"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-20-414"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003804"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-388"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-306",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-163122"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003804"
},
{
"db": "NVD",
"id": "CVE-2020-10625"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 3.2,
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-098-01"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-10625"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-10625"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/46346"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.1251/"
},
{
"trust": 0.6,
"url": "https://www.zerodayinitiative.com/advisories/zdi-20-414/"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-20-414"
},
{
"db": "VULHUB",
"id": "VHN-163122"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003804"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-388"
},
{
"db": "NVD",
"id": "CVE-2020-10625"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "ZDI",
"id": "ZDI-20-414",
"ident": null
},
{
"db": "VULHUB",
"id": "VHN-163122",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003804",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-202004-388",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2020-10625",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2020-04-08T00:00:00",
"db": "ZDI",
"id": "ZDI-20-414",
"ident": null
},
{
"date": "2020-04-09T00:00:00",
"db": "VULHUB",
"id": "VHN-163122",
"ident": null
},
{
"date": "2020-04-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-003804",
"ident": null
},
{
"date": "2020-04-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-388",
"ident": null
},
{
"date": "2020-04-09T14:15:12.683000",
"db": "NVD",
"id": "CVE-2020-10625",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2020-04-08T00:00:00",
"db": "ZDI",
"id": "ZDI-20-414",
"ident": null
},
{
"date": "2020-04-10T00:00:00",
"db": "VULHUB",
"id": "VHN-163122",
"ident": null
},
{
"date": "2020-04-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-003804",
"ident": null
},
{
"date": "2020-04-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-388",
"ident": null
},
{
"date": "2024-11-21T04:55:43.403000",
"db": "NVD",
"id": "CVE-2020-10625",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-388"
}
],
"trust": 0.6
},
"title": {
"_id": null,
"data": "WebAccess/NMS Vulnerability regarding lack of authentication for critical features in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-003804"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "access control error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-388"
}
],
"trust": 0.6
}
}
VAR-201805-1126
Vulnerability from variot - Updated: 2024-11-23 21:53In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and WebAccess/NMS 2.0.3 and prior, an improper privilege management vulnerability may allow an authenticated user to modify files when read access should only be given to the user. plural Advantech WebAccess The product contains vulnerabilities related to authorization, permissions, and access control.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. This vulnerability allows local attackers to escalate privilege on vulnerable installations of Advantech WebAccess Node. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.The specific flaw exists within the access control that is set and modified during the installation of the product. The product installation weakens access control restrictions of pre-existing system files and sets weak access control restrictions on new files. An attacker can leverage this vulnerability to execute arbitrary code under the context of Administrator, the IUSR account, or SYSTEM. Advantech WebAccess and others are products of Advantech. Advantech WebAccess is a browser-based HMI/SCADA software. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. WebAccess Dashboard is one of the dashboard components; WebAccess Scada Node is one of the monitoring node components. WebAccess/NMS is a suite of web browsers for the Network Management System (NMS). A security vulnerability exists in several Advantech products that stems from a program's failure to properly manage permissions. An attacker could use this vulnerability to modify a file. Advantech WebAccess is prone to the following security vulnerabilities: 1. Multiple SQL-injection vulnerabilities 2. An information-disclosure vulnerability 3. A file-upload vulnerability 4. Multiple directory-traversal vulnerabilities 5. Multiple stack-based buffer-overflow vulnerabilities 6. A heap-based buffer-overflow vulnerability 7. Multiple arbitrary code-execution vulnerabilities 8. A denial-of-service vulnerability 9. A security-bypass vulnerability 10. A privilege-escalation vulnerability An attacker can exploit these issues to execute arbitrary code in the context of the application, or modify data, or exploit latent vulnerabilities in the underlying database, delete arbitrary files, gain elevated privileges, perform certain unauthorized actions, upload arbitrary files to the affected application gain unauthorized access and obtain sensitive information. Failed attacks will cause denial of service conditions. Advantech WebAccess etc
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "webaccess",
"scope": "lte",
"trust": 1.8,
"vendor": "advantech",
"version": "8.2_20170817"
},
{
"_id": null,
"model": "webaccess",
"scope": "lte",
"trust": 1.8,
"vendor": "advantech",
"version": "8.3.0"
},
{
"_id": null,
"model": "webaccess dashboard",
"scope": "lte",
"trust": 1.8,
"vendor": "advantech",
"version": "2.0.15"
},
{
"_id": null,
"model": "webaccess\\/nms",
"scope": "lte",
"trust": 1.0,
"vendor": "advantech",
"version": "2.0.3"
},
{
"_id": null,
"model": "webaccess scada",
"scope": "lt",
"trust": 1.0,
"vendor": "advantech",
"version": "8.3.1"
},
{
"_id": null,
"model": "webaccess dashboard",
"scope": "eq",
"trust": 0.9,
"vendor": "advantech",
"version": "2.0.15"
},
{
"_id": null,
"model": "webaccess scada node",
"scope": "lt",
"trust": 0.8,
"vendor": "advantech",
"version": "8.3.1"
},
{
"_id": null,
"model": "webaccess/nms",
"scope": "lte",
"trust": 0.8,
"vendor": "advantech",
"version": "2.0.3"
},
{
"_id": null,
"model": "webaccess node",
"scope": null,
"trust": 0.7,
"vendor": "advantech",
"version": null
},
{
"_id": null,
"model": "webaccess \u003c=v8.2 20170817",
"scope": null,
"trust": 0.6,
"vendor": "advantech",
"version": null
},
{
"_id": null,
"model": "webaccess",
"scope": "lte",
"trust": 0.6,
"vendor": "advantech",
"version": "\u003c=8.3.0"
},
{
"_id": null,
"model": "webaccess dashboard",
"scope": "lte",
"trust": 0.6,
"vendor": "advantech",
"version": "\u003c=2.0.15"
},
{
"_id": null,
"model": "webaccess/nms",
"scope": "lte",
"trust": 0.6,
"vendor": "advantech",
"version": "\u003c=2.0.3"
},
{
"_id": null,
"model": "webaccess scada node",
"scope": "lte",
"trust": 0.6,
"vendor": "advantech",
"version": "\u003c=8.3.1"
},
{
"_id": null,
"model": "webaccess",
"scope": "eq",
"trust": 0.6,
"vendor": "advantech",
"version": "8.3.0"
},
{
"_id": null,
"model": "webaccess",
"scope": "eq",
"trust": 0.6,
"vendor": "advantech",
"version": "8.2_20170817"
},
{
"_id": null,
"model": "webaccess\\/nms",
"scope": "eq",
"trust": 0.6,
"vendor": "advantech",
"version": "2.0.3"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "webaccess",
"version": "*"
},
{
"_id": null,
"model": "webaccess/nms",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "2.0.3"
},
{
"_id": null,
"model": "webaccess/nms",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "2.0"
},
{
"_id": null,
"model": "webaccess scada node",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "8.3"
},
{
"_id": null,
"model": "webaccess dashboard",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "2.0"
},
{
"_id": null,
"model": "webaccess",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "8.3"
},
{
"_id": null,
"model": "webaccess 8.2 20170817",
"scope": null,
"trust": 0.3,
"vendor": "advantech",
"version": null
},
{
"_id": null,
"model": "webaccess 8.2 20170330",
"scope": null,
"trust": 0.3,
"vendor": "advantech",
"version": null
},
{
"_id": null,
"model": "webaccess",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "8.2"
},
{
"_id": null,
"model": "webaccess 8.1 20160519",
"scope": null,
"trust": 0.3,
"vendor": "advantech",
"version": null
},
{
"_id": null,
"model": "webaccess",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "8.1"
},
{
"_id": null,
"model": "webaccess 8.0 20150816",
"scope": null,
"trust": 0.3,
"vendor": "advantech",
"version": null
},
{
"_id": null,
"model": "webaccess",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "8"
},
{
"_id": null,
"model": "webaccess",
"scope": "ne",
"trust": 0.3,
"vendor": "advantech",
"version": "8.3.1"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "webaccess dashboard",
"version": "*"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "webaccess scada",
"version": "*"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "webaccess nms",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "e2f6b281-39ab-11e9-b166-000c29342cb1"
},
{
"db": "ZDI",
"id": "ZDI-18-500"
},
{
"db": "CNVD",
"id": "CNVD-2018-13782"
},
{
"db": "BID",
"id": "104190"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005076"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-442"
},
{
"db": "NVD",
"id": "CVE-2018-8841"
}
]
},
"configurations": {
"_id": null,
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:advantech:webaccess",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:advantech:webaccess_dashboard",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:advantech:webaccess_scada",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:advantech:webaccess%2fnms",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-005076"
}
]
},
"credits": {
"_id": null,
"data": "Fritz Sands of the Zero Day Initiative",
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-500"
}
],
"trust": 0.7
},
"cve": "CVE-2018-8841",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CVE-2018-8841",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "CVE-2018-8841",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "HIGH",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CNVD-2018-13782",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "e2f6b281-39ab-11e9-b166-000c29342cb1",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "VHN-138873",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"id": "CVE-2018-8841",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-8841",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2018-8841",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2018-8841",
"trust": 0.7,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2018-13782",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201805-442",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "IVD",
"id": "e2f6b281-39ab-11e9-b166-000c29342cb1",
"trust": 0.2,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-138873",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "e2f6b281-39ab-11e9-b166-000c29342cb1"
},
{
"db": "ZDI",
"id": "ZDI-18-500"
},
{
"db": "CNVD",
"id": "CNVD-2018-13782"
},
{
"db": "VULHUB",
"id": "VHN-138873"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005076"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-442"
},
{
"db": "NVD",
"id": "CVE-2018-8841"
}
]
},
"description": {
"_id": null,
"data": "In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and WebAccess/NMS 2.0.3 and prior, an improper privilege management vulnerability may allow an authenticated user to modify files when read access should only be given to the user. plural Advantech WebAccess The product contains vulnerabilities related to authorization, permissions, and access control.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. This vulnerability allows local attackers to escalate privilege on vulnerable installations of Advantech WebAccess Node. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.The specific flaw exists within the access control that is set and modified during the installation of the product. The product installation weakens access control restrictions of pre-existing system files and sets weak access control restrictions on new files. An attacker can leverage this vulnerability to execute arbitrary code under the context of Administrator, the IUSR account, or SYSTEM. Advantech WebAccess and others are products of Advantech. Advantech WebAccess is a browser-based HMI/SCADA software. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. WebAccess Dashboard is one of the dashboard components; WebAccess Scada Node is one of the monitoring node components. WebAccess/NMS is a suite of web browsers for the Network Management System (NMS). A security vulnerability exists in several Advantech products that stems from a program\u0027s failure to properly manage permissions. An attacker could use this vulnerability to modify a file. Advantech WebAccess is prone to the following security vulnerabilities:\n1. Multiple SQL-injection vulnerabilities\n2. An information-disclosure vulnerability\n3. A file-upload vulnerability\n4. Multiple directory-traversal vulnerabilities\n5. Multiple stack-based buffer-overflow vulnerabilities\n6. A heap-based buffer-overflow vulnerability\n7. Multiple arbitrary code-execution vulnerabilities\n8. A denial-of-service vulnerability\n9. A security-bypass vulnerability\n10. A privilege-escalation vulnerability\nAn attacker can exploit these issues to execute arbitrary code in the context of the application, or modify data, or exploit latent vulnerabilities in the underlying database, delete arbitrary files, gain elevated privileges, perform certain unauthorized actions, upload arbitrary files to the affected application gain unauthorized access and obtain sensitive information. Failed attacks will cause denial of service conditions. Advantech WebAccess etc",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-8841"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005076"
},
{
"db": "ZDI",
"id": "ZDI-18-500"
},
{
"db": "CNVD",
"id": "CNVD-2018-13782"
},
{
"db": "BID",
"id": "104190"
},
{
"db": "IVD",
"id": "e2f6b281-39ab-11e9-b166-000c29342cb1"
},
{
"db": "VULHUB",
"id": "VHN-138873"
}
],
"trust": 3.33
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2018-8841",
"trust": 4.3
},
{
"db": "ICS CERT",
"id": "ICSA-18-135-01",
"trust": 3.4
},
{
"db": "BID",
"id": "104190",
"trust": 2.6
},
{
"db": "CNVD",
"id": "CNVD-2018-13782",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201805-442",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005076",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-5670",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-500",
"trust": 0.7
},
{
"db": "IVD",
"id": "E2F6B281-39AB-11E9-B166-000C29342CB1",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-138873",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "e2f6b281-39ab-11e9-b166-000c29342cb1"
},
{
"db": "ZDI",
"id": "ZDI-18-500"
},
{
"db": "CNVD",
"id": "CNVD-2018-13782"
},
{
"db": "VULHUB",
"id": "VHN-138873"
},
{
"db": "BID",
"id": "104190"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005076"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-442"
},
{
"db": "NVD",
"id": "CVE-2018-8841"
}
]
},
"id": "VAR-201805-1126",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "IVD",
"id": "e2f6b281-39ab-11e9-b166-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-13782"
},
{
"db": "VULHUB",
"id": "VHN-138873"
}
],
"trust": 1.5434040525000001
},
"iot_taxonomy": {
"_id": null,
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "e2f6b281-39ab-11e9-b166-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-13782"
}
]
},
"last_update_date": "2024-11-23T21:53:07.965000Z",
"patch": {
"_id": null,
"data": [
{
"title": "\u30c8\u30c3\u30d7\u30da\u30fc\u30b8",
"trust": 0.8,
"url": "http://www.advantech.co.jp/"
},
{
"title": "Advantech has issued an update to correct this vulnerability.",
"trust": 0.7,
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-135-01"
},
{
"title": "Patches for Multiple Advantech Products Improper Rights Management Vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/135203"
},
{
"title": "Multiple Advantech Product security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=80052"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-500"
},
{
"db": "CNVD",
"id": "CNVD-2018-13782"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005076"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-442"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-269",
"trust": 1.1
},
{
"problemtype": "CWE-264",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-138873"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005076"
},
{
"db": "NVD",
"id": "CVE-2018-8841"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 4.1,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-18-135-01"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/104190"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-8841"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-8841"
},
{
"trust": 0.3,
"url": "http://webaccess.advantech.com"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-500"
},
{
"db": "CNVD",
"id": "CNVD-2018-13782"
},
{
"db": "VULHUB",
"id": "VHN-138873"
},
{
"db": "BID",
"id": "104190"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005076"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-442"
},
{
"db": "NVD",
"id": "CVE-2018-8841"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "IVD",
"id": "e2f6b281-39ab-11e9-b166-000c29342cb1",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-18-500",
"ident": null
},
{
"db": "CNVD",
"id": "CNVD-2018-13782",
"ident": null
},
{
"db": "VULHUB",
"id": "VHN-138873",
"ident": null
},
{
"db": "BID",
"id": "104190",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005076",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-201805-442",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2018-8841",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2018-07-24T00:00:00",
"db": "IVD",
"id": "e2f6b281-39ab-11e9-b166-000c29342cb1",
"ident": null
},
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-500",
"ident": null
},
{
"date": "2018-07-24T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-13782",
"ident": null
},
{
"date": "2018-05-15T00:00:00",
"db": "VULHUB",
"id": "VHN-138873",
"ident": null
},
{
"date": "2018-05-15T00:00:00",
"db": "BID",
"id": "104190",
"ident": null
},
{
"date": "2018-07-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-005076",
"ident": null
},
{
"date": "2018-05-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201805-442",
"ident": null
},
{
"date": "2018-05-15T22:29:00.690000",
"db": "NVD",
"id": "CVE-2018-8841",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-500",
"ident": null
},
{
"date": "2018-07-24T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-13782",
"ident": null
},
{
"date": "2019-10-09T00:00:00",
"db": "VULHUB",
"id": "VHN-138873",
"ident": null
},
{
"date": "2018-05-15T00:00:00",
"db": "BID",
"id": "104190",
"ident": null
},
{
"date": "2018-07-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-005076",
"ident": null
},
{
"date": "2019-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201805-442",
"ident": null
},
{
"date": "2024-11-21T04:14:25.803000",
"db": "NVD",
"id": "CVE-2018-8841",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201805-442"
}
],
"trust": 0.6
},
"title": {
"_id": null,
"data": "plural Advantech WebAccess Vulnerabilities related to authorization, authority, and access control in products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-005076"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "permissions and access control issues",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201805-442"
}
],
"trust": 0.6
}
}
VAR-201805-0250
Vulnerability from variot - Updated: 2024-11-23 21:53In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and WebAccess/NMS 2.0.3 and prior, an information exposure vulnerability through directory listing has been identified, which may allow an attacker to find important files that are not normally visible. Advantech WebAccess Contains a vulnerability in the disclosure of file and directory information.Information may be obtained. Advantech WebAccess and others are products of Advantech. Advantech WebAccess is a browser-based HMI/SCADA software. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. WebAccess Dashboard is one of the dashboard components; WebAccess Scada Node is one of the monitoring node components. WebAccess/NMS is a suite of web browsers for the Network Management System (NMS). Security vulnerabilities exist in several Advantech products. An attacker could exploit this vulnerability to obtain important files that are not visible. Multiple SQL-injection vulnerabilities 2. An information-disclosure vulnerability 3. A file-upload vulnerability 4. Multiple directory-traversal vulnerabilities 5. Multiple stack-based buffer-overflow vulnerabilities 6. A heap-based buffer-overflow vulnerability 7. Multiple arbitrary code-execution vulnerabilities 8. A denial-of-service vulnerability 9. A security-bypass vulnerability 10. A privilege-escalation vulnerability An attacker can exploit these issues to execute arbitrary code in the context of the application, or modify data, or exploit latent vulnerabilities in the underlying database, delete arbitrary files, gain elevated privileges, perform certain unauthorized actions, upload arbitrary files to the affected application gain unauthorized access and obtain sensitive information. Failed attacks will cause denial of service conditions. Advantech WebAccess, etc. Advantech WebAccess is a set of HMI/SCADA software based on browser architecture. The following versions are affected: Advantech WebAccess 8.2_20170817 and earlier, 8.3.0 and earlier; WebAccess Dashboard 2.0.15 and earlier; WebAccess Scada Node 8.3.1 and earlier; WebAccess/NMS 2.0.3 and earlier
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201805-0250",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "webaccess",
"scope": "lte",
"trust": 1.8,
"vendor": "advantech",
"version": "8.2_20170817"
},
{
"model": "webaccess",
"scope": "lte",
"trust": 1.8,
"vendor": "advantech",
"version": "8.3.0"
},
{
"model": "webaccess dashboard",
"scope": "lte",
"trust": 1.8,
"vendor": "advantech",
"version": "2.0.15"
},
{
"model": "webaccess scada node",
"scope": "lt",
"trust": 1.4,
"vendor": "advantech",
"version": "8.3.1"
},
{
"model": "webaccess\\/nms",
"scope": "lte",
"trust": 1.0,
"vendor": "advantech",
"version": "2.0.3"
},
{
"model": "webaccess scada",
"scope": "lt",
"trust": 1.0,
"vendor": "advantech",
"version": "8.3.1"
},
{
"model": "webaccess dashboard",
"scope": "eq",
"trust": 0.9,
"vendor": "advantech",
"version": "2.0.15"
},
{
"model": "webaccess/nms",
"scope": "lte",
"trust": 0.8,
"vendor": "advantech",
"version": "2.0.3"
},
{
"model": "webaccess dashboard",
"scope": "lte",
"trust": 0.6,
"vendor": "advantech",
"version": "\u003c=2.0.15"
},
{
"model": "webaccess/nms",
"scope": "lte",
"trust": 0.6,
"vendor": "advantech",
"version": "\u003c=2.0.3"
},
{
"model": "webaccess",
"scope": "eq",
"trust": 0.6,
"vendor": "advantech",
"version": "8.3.0"
},
{
"model": "webaccess",
"scope": "eq",
"trust": 0.6,
"vendor": "advantech",
"version": "8.2_20170817"
},
{
"model": "webaccess\\/nms",
"scope": "eq",
"trust": 0.6,
"vendor": "advantech",
"version": "2.0.3"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "webaccess",
"version": "*"
},
{
"model": "webaccess/nms",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "2.0.3"
},
{
"model": "webaccess/nms",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "2.0"
},
{
"model": "webaccess scada node",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "8.3"
},
{
"model": "webaccess dashboard",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "2.0"
},
{
"model": "webaccess",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "8.3"
},
{
"model": "webaccess 8.2 20170817",
"scope": null,
"trust": 0.3,
"vendor": "advantech",
"version": null
},
{
"model": "webaccess 8.2 20170330",
"scope": null,
"trust": 0.3,
"vendor": "advantech",
"version": null
},
{
"model": "webaccess",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "8.2"
},
{
"model": "webaccess 8.1 20160519",
"scope": null,
"trust": 0.3,
"vendor": "advantech",
"version": null
},
{
"model": "webaccess",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "8.1"
},
{
"model": "webaccess 8.0 20150816",
"scope": null,
"trust": 0.3,
"vendor": "advantech",
"version": null
},
{
"model": "webaccess",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "8"
},
{
"model": "webaccess",
"scope": "ne",
"trust": 0.3,
"vendor": "advantech",
"version": "8.3.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "webaccess dashboard",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "webaccess scada",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "webaccess nms",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "e2ef868f-39ab-11e9-8037-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-09823"
},
{
"db": "BID",
"id": "104190"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005068"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-450"
},
{
"db": "NVD",
"id": "CVE-2018-10590"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:advantech:advantech_webaccess",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:advantech:webaccess_dashboard",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:advantech:webaccess_scada",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:advantech:webaccess%2fnms",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-005068"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Mat Powell, rgod, Steven Seeley, Donato Onofri and Simone Onofri",
"sources": [
{
"db": "BID",
"id": "104190"
}
],
"trust": 0.3
},
"cve": "CVE-2018-10590",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2018-10590",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2018-09823",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "e2ef868f-39ab-11e9-8037-000c29342cb1",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-120365",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2018-10590",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-10590",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2018-10590",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2018-09823",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201805-450",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "IVD",
"id": "e2ef868f-39ab-11e9-8037-000c29342cb1",
"trust": 0.2,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-120365",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "e2ef868f-39ab-11e9-8037-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-09823"
},
{
"db": "VULHUB",
"id": "VHN-120365"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005068"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-450"
},
{
"db": "NVD",
"id": "CVE-2018-10590"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and WebAccess/NMS 2.0.3 and prior, an information exposure vulnerability through directory listing has been identified, which may allow an attacker to find important files that are not normally visible. Advantech WebAccess Contains a vulnerability in the disclosure of file and directory information.Information may be obtained. Advantech WebAccess and others are products of Advantech. Advantech WebAccess is a browser-based HMI/SCADA software. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. WebAccess Dashboard is one of the dashboard components; WebAccess Scada Node is one of the monitoring node components. WebAccess/NMS is a suite of web browsers for the Network Management System (NMS). Security vulnerabilities exist in several Advantech products. An attacker could exploit this vulnerability to obtain important files that are not visible. Multiple SQL-injection vulnerabilities\n2. An information-disclosure vulnerability\n3. A file-upload vulnerability\n4. Multiple directory-traversal vulnerabilities\n5. Multiple stack-based buffer-overflow vulnerabilities\n6. A heap-based buffer-overflow vulnerability\n7. Multiple arbitrary code-execution vulnerabilities\n8. A denial-of-service vulnerability\n9. A security-bypass vulnerability\n10. A privilege-escalation vulnerability\nAn attacker can exploit these issues to execute arbitrary code in the context of the application, or modify data, or exploit latent vulnerabilities in the underlying database, delete arbitrary files, gain elevated privileges, perform certain unauthorized actions, upload arbitrary files to the affected application gain unauthorized access and obtain sensitive information. Failed attacks will cause denial of service conditions. Advantech WebAccess, etc. Advantech WebAccess is a set of HMI/SCADA software based on browser architecture. The following versions are affected: Advantech WebAccess 8.2_20170817 and earlier, 8.3.0 and earlier; WebAccess Dashboard 2.0.15 and earlier; WebAccess Scada Node 8.3.1 and earlier; WebAccess/NMS 2.0.3 and earlier",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-10590"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005068"
},
{
"db": "CNVD",
"id": "CNVD-2018-09823"
},
{
"db": "BID",
"id": "104190"
},
{
"db": "IVD",
"id": "e2ef868f-39ab-11e9-8037-000c29342cb1"
},
{
"db": "VULHUB",
"id": "VHN-120365"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-10590",
"trust": 3.6
},
{
"db": "ICS CERT",
"id": "ICSA-18-135-01",
"trust": 3.4
},
{
"db": "BID",
"id": "104190",
"trust": 2.0
},
{
"db": "CNVD",
"id": "CNVD-2018-09823",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201805-450",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005068",
"trust": 0.8
},
{
"db": "IVD",
"id": "E2EF868F-39AB-11E9-8037-000C29342CB1",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-120365",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "e2ef868f-39ab-11e9-8037-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-09823"
},
{
"db": "VULHUB",
"id": "VHN-120365"
},
{
"db": "BID",
"id": "104190"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005068"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-450"
},
{
"db": "NVD",
"id": "CVE-2018-10590"
}
]
},
"id": "VAR-201805-0250",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "e2ef868f-39ab-11e9-8037-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-09823"
},
{
"db": "VULHUB",
"id": "VHN-120365"
}
],
"trust": 1.5434040525000001
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "e2ef868f-39ab-11e9-8037-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-09823"
}
]
},
"last_update_date": "2024-11-23T21:53:07.924000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Advantech WebAccess",
"trust": 0.8,
"url": "http://www.advantech.com/industrial-automation/webaccess/webaccessscada"
},
{
"title": "Patch for Advantech WebAccess Information Disclosure Vulnerability (CNVD-2018-09823)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/129391"
},
{
"title": "Multiple Advantech Product security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=80060"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-09823"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005068"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-450"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-538",
"trust": 1.9
},
{
"problemtype": "CWE-548",
"trust": 1.0
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-120365"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005068"
},
{
"db": "NVD",
"id": "CVE-2018-10590"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.4,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-18-135-01"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/104190"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-10590"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-10590"
},
{
"trust": 0.3,
"url": "http://webaccess.advantech.com"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-09823"
},
{
"db": "VULHUB",
"id": "VHN-120365"
},
{
"db": "BID",
"id": "104190"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005068"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-450"
},
{
"db": "NVD",
"id": "CVE-2018-10590"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "e2ef868f-39ab-11e9-8037-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-09823"
},
{
"db": "VULHUB",
"id": "VHN-120365"
},
{
"db": "BID",
"id": "104190"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005068"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-450"
},
{
"db": "NVD",
"id": "CVE-2018-10590"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-05-18T00:00:00",
"db": "IVD",
"id": "e2ef868f-39ab-11e9-8037-000c29342cb1"
},
{
"date": "2018-05-17T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-09823"
},
{
"date": "2018-05-15T00:00:00",
"db": "VULHUB",
"id": "VHN-120365"
},
{
"date": "2018-05-15T00:00:00",
"db": "BID",
"id": "104190"
},
{
"date": "2018-07-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-005068"
},
{
"date": "2018-05-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201805-450"
},
{
"date": "2018-05-15T22:29:00.317000",
"db": "NVD",
"id": "CVE-2018-10590"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-05-18T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-09823"
},
{
"date": "2019-10-09T00:00:00",
"db": "VULHUB",
"id": "VHN-120365"
},
{
"date": "2018-05-15T00:00:00",
"db": "BID",
"id": "104190"
},
{
"date": "2018-07-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-005068"
},
{
"date": "2019-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201805-450"
},
{
"date": "2024-11-21T03:41:37.093000",
"db": "NVD",
"id": "CVE-2018-10590"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201805-450"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Advantech WebAccess Vulnerable to file and directory information disclosure",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-005068"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201805-450"
}
],
"trust": 0.6
}
}
VAR-201805-1141
Vulnerability from variot - Updated: 2024-11-23 21:53In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and WebAccess/NMS 2.0.3 and prior, an external control of file name or path vulnerability has been identified, which may allow an attacker to delete files. plural Advantech WebAccess The product contains a path traversal vulnerability.Information may be tampered with. This vulnerability allows remote attackers to delete arbitrary files on vulnerable installations of Advantech WebAccess Node. Authentication is not required to exploit this vulnerability.The specific flaw exists within the implementation of the 0x2715 IOCTL in the webvrpcs process. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this functionality to delete files under the context of Administrator. Advantech WebAccess and others are products of Advantech. Advantech WebAccess is a browser-based HMI/SCADA software. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. WebAccess Dashboard is one of the dashboard components; WebAccess Scada Node is one of the monitoring node components. WebAccess/NMS is a suite of web browsers for the Network Management System (NMS). Security vulnerabilities exist in several Advantech products. Multiple SQL-injection vulnerabilities 2. An information-disclosure vulnerability 3. A file-upload vulnerability 4. Multiple directory-traversal vulnerabilities 5. Multiple stack-based buffer-overflow vulnerabilities 6. A heap-based buffer-overflow vulnerability 7. Multiple arbitrary code-execution vulnerabilities 8. A denial-of-service vulnerability 9. A security-bypass vulnerability 10. A privilege-escalation vulnerability An attacker can exploit these issues to execute arbitrary code in the context of the application, or modify data, or exploit latent vulnerabilities in the underlying database, delete arbitrary files, gain elevated privileges, perform certain unauthorized actions, upload arbitrary files to the affected application gain unauthorized access and obtain sensitive information. Failed attacks will cause denial of service conditions. Advantech WebAccess, etc. Advantech WebAccess is a set of HMI/SCADA software based on browser architecture. The following versions are affected: Advantech WebAccess 8.2_20170817 and earlier, 8.3.0 and earlier; WebAccess Dashboard 2.0.15 and earlier; WebAccess Scada Node 8.3.1 and earlier; WebAccess/NMS 2.0.3 and earlier
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201805-1141",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "webaccess",
"scope": "lte",
"trust": 1.8,
"vendor": "advantech",
"version": "8.2_20170817"
},
{
"model": "webaccess",
"scope": "lte",
"trust": 1.8,
"vendor": "advantech",
"version": "8.3.0"
},
{
"model": "webaccess dashboard",
"scope": "lte",
"trust": 1.8,
"vendor": "advantech",
"version": "2.0.15"
},
{
"model": "webaccess\\/nms",
"scope": "lte",
"trust": 1.0,
"vendor": "advantech",
"version": "2.0.3"
},
{
"model": "webaccess scada",
"scope": "lt",
"trust": 1.0,
"vendor": "advantech",
"version": "8.3.1"
},
{
"model": "webaccess dashboard",
"scope": "eq",
"trust": 0.9,
"vendor": "advantech",
"version": "2.0.15"
},
{
"model": "webaccess scada node",
"scope": "lt",
"trust": 0.8,
"vendor": "advantech",
"version": "8.3.1"
},
{
"model": "webaccess/nms",
"scope": "lte",
"trust": 0.8,
"vendor": "advantech",
"version": "2.0.3"
},
{
"model": "webaccess node",
"scope": null,
"trust": 0.7,
"vendor": "advantech",
"version": null
},
{
"model": "webaccess \u003c=8.2 20170817",
"scope": null,
"trust": 0.6,
"vendor": "advantech",
"version": null
},
{
"model": "webaccess",
"scope": "lte",
"trust": 0.6,
"vendor": "advantech",
"version": "\u003c=8.3.0"
},
{
"model": "webaccess dashboard",
"scope": "lte",
"trust": 0.6,
"vendor": "advantech",
"version": "\u003c=2.0.15"
},
{
"model": "webaccess/nms",
"scope": "lte",
"trust": 0.6,
"vendor": "advantech",
"version": "\u003c=2.0.3"
},
{
"model": "webaccess scada node",
"scope": "lte",
"trust": 0.6,
"vendor": "advantech",
"version": "\u003c=8.3.1"
},
{
"model": "webaccess",
"scope": "eq",
"trust": 0.6,
"vendor": "advantech",
"version": "8.3.0"
},
{
"model": "webaccess",
"scope": "eq",
"trust": 0.6,
"vendor": "advantech",
"version": "8.2_20170817"
},
{
"model": "webaccess\\/nms",
"scope": "eq",
"trust": 0.6,
"vendor": "advantech",
"version": "2.0.3"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "webaccess",
"version": "*"
},
{
"model": "webaccess/nms",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "2.0.3"
},
{
"model": "webaccess/nms",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "2.0"
},
{
"model": "webaccess scada node",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "8.3"
},
{
"model": "webaccess dashboard",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "2.0"
},
{
"model": "webaccess",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "8.3"
},
{
"model": "webaccess 8.2 20170817",
"scope": null,
"trust": 0.3,
"vendor": "advantech",
"version": null
},
{
"model": "webaccess 8.2 20170330",
"scope": null,
"trust": 0.3,
"vendor": "advantech",
"version": null
},
{
"model": "webaccess",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "8.2"
},
{
"model": "webaccess 8.1 20160519",
"scope": null,
"trust": 0.3,
"vendor": "advantech",
"version": null
},
{
"model": "webaccess",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "8.1"
},
{
"model": "webaccess 8.0 20150816",
"scope": null,
"trust": 0.3,
"vendor": "advantech",
"version": null
},
{
"model": "webaccess",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "8"
},
{
"model": "webaccess",
"scope": "ne",
"trust": 0.3,
"vendor": "advantech",
"version": "8.3.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "webaccess dashboard",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "webaccess scada",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "webaccess nms",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "e2f700a2-39ab-11e9-92ad-000c29342cb1"
},
{
"db": "ZDI",
"id": "ZDI-18-499"
},
{
"db": "CNVD",
"id": "CNVD-2018-13786"
},
{
"db": "BID",
"id": "104190"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005070"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-448"
},
{
"db": "NVD",
"id": "CVE-2018-7495"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:advantech:webaccess",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:advantech:webaccess_dashboard",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:advantech:webaccess_scada",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:advantech:webaccess%2fnms",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-005070"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Steven Seeley (mr_me) of Offensive Security",
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-499"
}
],
"trust": 0.7
},
"cve": "CVE-2018-7495",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2018-7495",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2018-7495",
"impactScore": 6.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "HIGH",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2018-13786",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "e2f700a2-39ab-11e9-92ad-000c29342cb1",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-137527",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2018-7495",
"impactScore": 3.6,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-7495",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2018-7495",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2018-7495",
"trust": 0.7,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2018-13786",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201805-448",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "IVD",
"id": "e2f700a2-39ab-11e9-92ad-000c29342cb1",
"trust": 0.2,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-137527",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "e2f700a2-39ab-11e9-92ad-000c29342cb1"
},
{
"db": "ZDI",
"id": "ZDI-18-499"
},
{
"db": "CNVD",
"id": "CNVD-2018-13786"
},
{
"db": "VULHUB",
"id": "VHN-137527"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005070"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-448"
},
{
"db": "NVD",
"id": "CVE-2018-7495"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and WebAccess/NMS 2.0.3 and prior, an external control of file name or path vulnerability has been identified, which may allow an attacker to delete files. plural Advantech WebAccess The product contains a path traversal vulnerability.Information may be tampered with. This vulnerability allows remote attackers to delete arbitrary files on vulnerable installations of Advantech WebAccess Node. Authentication is not required to exploit this vulnerability.The specific flaw exists within the implementation of the 0x2715 IOCTL in the webvrpcs process. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this functionality to delete files under the context of Administrator. Advantech WebAccess and others are products of Advantech. Advantech WebAccess is a browser-based HMI/SCADA software. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. WebAccess Dashboard is one of the dashboard components; WebAccess Scada Node is one of the monitoring node components. WebAccess/NMS is a suite of web browsers for the Network Management System (NMS). Security vulnerabilities exist in several Advantech products. Multiple SQL-injection vulnerabilities\n2. An information-disclosure vulnerability\n3. A file-upload vulnerability\n4. Multiple directory-traversal vulnerabilities\n5. Multiple stack-based buffer-overflow vulnerabilities\n6. A heap-based buffer-overflow vulnerability\n7. Multiple arbitrary code-execution vulnerabilities\n8. A denial-of-service vulnerability\n9. A security-bypass vulnerability\n10. A privilege-escalation vulnerability\nAn attacker can exploit these issues to execute arbitrary code in the context of the application, or modify data, or exploit latent vulnerabilities in the underlying database, delete arbitrary files, gain elevated privileges, perform certain unauthorized actions, upload arbitrary files to the affected application gain unauthorized access and obtain sensitive information. Failed attacks will cause denial of service conditions. Advantech WebAccess, etc. Advantech WebAccess is a set of HMI/SCADA software based on browser architecture. The following versions are affected: Advantech WebAccess 8.2_20170817 and earlier, 8.3.0 and earlier; WebAccess Dashboard 2.0.15 and earlier; WebAccess Scada Node 8.3.1 and earlier; WebAccess/NMS 2.0.3 and earlier",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-7495"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005070"
},
{
"db": "ZDI",
"id": "ZDI-18-499"
},
{
"db": "CNVD",
"id": "CNVD-2018-13786"
},
{
"db": "BID",
"id": "104190"
},
{
"db": "IVD",
"id": "e2f700a2-39ab-11e9-92ad-000c29342cb1"
},
{
"db": "VULHUB",
"id": "VHN-137527"
}
],
"trust": 3.33
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-7495",
"trust": 4.3
},
{
"db": "ICS CERT",
"id": "ICSA-18-135-01",
"trust": 3.4
},
{
"db": "BID",
"id": "104190",
"trust": 2.6
},
{
"db": "CNNVD",
"id": "CNNVD-201805-448",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2018-13786",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005070",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-5664",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-499",
"trust": 0.7
},
{
"db": "IVD",
"id": "E2F700A2-39AB-11E9-92AD-000C29342CB1",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-137527",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "e2f700a2-39ab-11e9-92ad-000c29342cb1"
},
{
"db": "ZDI",
"id": "ZDI-18-499"
},
{
"db": "CNVD",
"id": "CNVD-2018-13786"
},
{
"db": "VULHUB",
"id": "VHN-137527"
},
{
"db": "BID",
"id": "104190"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005070"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-448"
},
{
"db": "NVD",
"id": "CVE-2018-7495"
}
]
},
"id": "VAR-201805-1141",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "e2f700a2-39ab-11e9-92ad-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-13786"
},
{
"db": "VULHUB",
"id": "VHN-137527"
}
],
"trust": 1.5434040525000001
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "e2f700a2-39ab-11e9-92ad-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-13786"
}
]
},
"last_update_date": "2024-11-23T21:53:07.878000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "\u30c8\u30c3\u30d7\u30da\u30fc\u30b8",
"trust": 0.8,
"url": "http://www.advantech.co.jp/"
},
{
"title": "Advantech has issued an update to correct this vulnerability.",
"trust": 0.7,
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-135-01"
},
{
"title": "Patches for multiple Advantech product file names or path external control vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/135199"
},
{
"title": "Multiple Advantech Product security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=80058"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-499"
},
{
"db": "CNVD",
"id": "CNVD-2018-13786"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005070"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-448"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-22",
"trust": 1.9
},
{
"problemtype": "CWE-73",
"trust": 1.0
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-137527"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005070"
},
{
"db": "NVD",
"id": "CVE-2018-7495"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 4.1,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-18-135-01"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/104190"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-7495"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-7495"
},
{
"trust": 0.3,
"url": "http://webaccess.advantech.com"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-499"
},
{
"db": "CNVD",
"id": "CNVD-2018-13786"
},
{
"db": "VULHUB",
"id": "VHN-137527"
},
{
"db": "BID",
"id": "104190"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005070"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-448"
},
{
"db": "NVD",
"id": "CVE-2018-7495"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "e2f700a2-39ab-11e9-92ad-000c29342cb1"
},
{
"db": "ZDI",
"id": "ZDI-18-499"
},
{
"db": "CNVD",
"id": "CNVD-2018-13786"
},
{
"db": "VULHUB",
"id": "VHN-137527"
},
{
"db": "BID",
"id": "104190"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005070"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-448"
},
{
"db": "NVD",
"id": "CVE-2018-7495"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-07-24T00:00:00",
"db": "IVD",
"id": "e2f700a2-39ab-11e9-92ad-000c29342cb1"
},
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-499"
},
{
"date": "2018-07-24T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-13786"
},
{
"date": "2018-05-15T00:00:00",
"db": "VULHUB",
"id": "VHN-137527"
},
{
"date": "2018-05-15T00:00:00",
"db": "BID",
"id": "104190"
},
{
"date": "2018-07-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-005070"
},
{
"date": "2018-05-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201805-448"
},
{
"date": "2018-05-15T22:29:00.410000",
"db": "NVD",
"id": "CVE-2018-7495"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-499"
},
{
"date": "2018-07-24T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-13786"
},
{
"date": "2019-10-09T00:00:00",
"db": "VULHUB",
"id": "VHN-137527"
},
{
"date": "2018-05-15T00:00:00",
"db": "BID",
"id": "104190"
},
{
"date": "2018-07-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-005070"
},
{
"date": "2019-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201805-448"
},
{
"date": "2024-11-21T04:12:14.620000",
"db": "NVD",
"id": "CVE-2018-7495"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201805-448"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Advantech WebAccess Path traversal vulnerability in products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-005070"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Path traversal",
"sources": [
{
"db": "IVD",
"id": "e2f700a2-39ab-11e9-92ad-000c29342cb1"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-448"
}
],
"trust": 0.8
}
}
VAR-201805-0251
Vulnerability from variot - Updated: 2024-11-23 21:53In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and WebAccess/NMS 2.0.3 and prior, an origin validation error vulnerability has been identified, which may allow an attacker can create a malicious web site, steal session cookies, and access data of authenticated users. Advantech WebAccess Contains a session fixation vulnerability.Information may be obtained. Advantech WebAccess and others are products of Advantech. Advantech WebAccess is a browser-based HMI/SCADA software. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. WebAccess Dashboard is one of the dashboard components; WebAccess Scada Node is one of the monitoring node components. WebAccess/NMS is a suite of web browsers for the Network Management System (NMS). Security vulnerabilities exist in several Advantech products. Multiple SQL-injection vulnerabilities 2. An information-disclosure vulnerability 3. A file-upload vulnerability 4. Multiple directory-traversal vulnerabilities 5. Multiple stack-based buffer-overflow vulnerabilities 6. A heap-based buffer-overflow vulnerability 7. Multiple arbitrary code-execution vulnerabilities 8. A denial-of-service vulnerability 9. A security-bypass vulnerability 10. A privilege-escalation vulnerability An attacker can exploit these issues to execute arbitrary code in the context of the application, or modify data, or exploit latent vulnerabilities in the underlying database, delete arbitrary files, gain elevated privileges, perform certain unauthorized actions, upload arbitrary files to the affected application gain unauthorized access and obtain sensitive information. Failed attacks will cause denial of service conditions. Advantech WebAccess, etc. Advantech WebAccess is a set of HMI/SCADA software based on browser architecture. The following versions are affected: Advantech WebAccess 8.2_20170817 and earlier, 8.3.0 and earlier; WebAccess Dashboard 2.0.15 and earlier; WebAccess Scada Node 8.3.1 and earlier; WebAccess/NMS 2.0.3 and earlier
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201805-0251",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "webaccess",
"scope": "lte",
"trust": 1.8,
"vendor": "advantech",
"version": "8.2_20170817"
},
{
"model": "webaccess",
"scope": "lte",
"trust": 1.8,
"vendor": "advantech",
"version": "8.3.0"
},
{
"model": "webaccess dashboard",
"scope": "lte",
"trust": 1.8,
"vendor": "advantech",
"version": "2.0.15"
},
{
"model": "webaccess scada node",
"scope": "lt",
"trust": 1.4,
"vendor": "advantech",
"version": "8.3.1"
},
{
"model": "webaccess\\/nms",
"scope": "lte",
"trust": 1.0,
"vendor": "advantech",
"version": "2.0.3"
},
{
"model": "webaccess scada",
"scope": "lt",
"trust": 1.0,
"vendor": "advantech",
"version": "8.3.1"
},
{
"model": "webaccess dashboard",
"scope": "eq",
"trust": 0.9,
"vendor": "advantech",
"version": "2.0.15"
},
{
"model": "webaccess/nms",
"scope": "lte",
"trust": 0.8,
"vendor": "advantech",
"version": "2.0.3"
},
{
"model": "webaccess \u003c=8.2 20170817",
"scope": null,
"trust": 0.6,
"vendor": "advantech",
"version": null
},
{
"model": "webaccess",
"scope": "lte",
"trust": 0.6,
"vendor": "advantech",
"version": "\u003c=8.3.0"
},
{
"model": "webaccess dashboard",
"scope": "lte",
"trust": 0.6,
"vendor": "advantech",
"version": "\u003c=2.0.15"
},
{
"model": "webaccess/nms",
"scope": "lte",
"trust": 0.6,
"vendor": "advantech",
"version": "\u003c=2.0.3"
},
{
"model": "webaccess",
"scope": "eq",
"trust": 0.6,
"vendor": "advantech",
"version": "8.3.0"
},
{
"model": "webaccess",
"scope": "eq",
"trust": 0.6,
"vendor": "advantech",
"version": "8.2_20170817"
},
{
"model": "webaccess\\/nms",
"scope": "eq",
"trust": 0.6,
"vendor": "advantech",
"version": "2.0.3"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "webaccess",
"version": "*"
},
{
"model": "webaccess/nms",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "2.0.3"
},
{
"model": "webaccess/nms",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "2.0"
},
{
"model": "webaccess scada node",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "8.3"
},
{
"model": "webaccess dashboard",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "2.0"
},
{
"model": "webaccess",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "8.3"
},
{
"model": "webaccess 8.2 20170817",
"scope": null,
"trust": 0.3,
"vendor": "advantech",
"version": null
},
{
"model": "webaccess 8.2 20170330",
"scope": null,
"trust": 0.3,
"vendor": "advantech",
"version": null
},
{
"model": "webaccess",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "8.2"
},
{
"model": "webaccess 8.1 20160519",
"scope": null,
"trust": 0.3,
"vendor": "advantech",
"version": null
},
{
"model": "webaccess",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "8.1"
},
{
"model": "webaccess 8.0 20150816",
"scope": null,
"trust": 0.3,
"vendor": "advantech",
"version": null
},
{
"model": "webaccess",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "8"
},
{
"model": "webaccess",
"scope": "ne",
"trust": 0.3,
"vendor": "advantech",
"version": "8.3.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "webaccess dashboard",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "webaccess scada",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "webaccess nms",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "e2f0bf10-39ab-11e9-aed2-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-10703"
},
{
"db": "BID",
"id": "104190"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005069"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-449"
},
{
"db": "NVD",
"id": "CVE-2018-10591"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:advantech:advantech_webaccess",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:advantech:webaccess_dashboard",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:advantech:webaccess_scada",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:advantech:webaccess%2fnms",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-005069"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Mat Powell, rgod, Steven Seeley, Donato Onofri and Simone Onofri",
"sources": [
{
"db": "BID",
"id": "104190"
}
],
"trust": 0.3
},
"cve": "CVE-2018-10591",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 2.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 4.9,
"id": "CVE-2018-10591",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 1.8,
"vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2018-10703",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "e2f0bf10-39ab-11e9-aed2-000c29342cb1",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 2.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 4.9,
"id": "VHN-120366",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.1,
"vectorString": "AV:N/AC:H/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.6,
"id": "CVE-2018-10591",
"impactScore": 4.0,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.8,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-10591",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2018-10591",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2018-10703",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201805-449",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "e2f0bf10-39ab-11e9-aed2-000c29342cb1",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-120366",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "e2f0bf10-39ab-11e9-aed2-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-10703"
},
{
"db": "VULHUB",
"id": "VHN-120366"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005069"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-449"
},
{
"db": "NVD",
"id": "CVE-2018-10591"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and WebAccess/NMS 2.0.3 and prior, an origin validation error vulnerability has been identified, which may allow an attacker can create a malicious web site, steal session cookies, and access data of authenticated users. Advantech WebAccess Contains a session fixation vulnerability.Information may be obtained. Advantech WebAccess and others are products of Advantech. Advantech WebAccess is a browser-based HMI/SCADA software. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. WebAccess Dashboard is one of the dashboard components; WebAccess Scada Node is one of the monitoring node components. WebAccess/NMS is a suite of web browsers for the Network Management System (NMS). Security vulnerabilities exist in several Advantech products. Multiple SQL-injection vulnerabilities\n2. An information-disclosure vulnerability\n3. A file-upload vulnerability\n4. Multiple directory-traversal vulnerabilities\n5. Multiple stack-based buffer-overflow vulnerabilities\n6. A heap-based buffer-overflow vulnerability\n7. Multiple arbitrary code-execution vulnerabilities\n8. A denial-of-service vulnerability\n9. A security-bypass vulnerability\n10. A privilege-escalation vulnerability\nAn attacker can exploit these issues to execute arbitrary code in the context of the application, or modify data, or exploit latent vulnerabilities in the underlying database, delete arbitrary files, gain elevated privileges, perform certain unauthorized actions, upload arbitrary files to the affected application gain unauthorized access and obtain sensitive information. Failed attacks will cause denial of service conditions. Advantech WebAccess, etc. Advantech WebAccess is a set of HMI/SCADA software based on browser architecture. The following versions are affected: Advantech WebAccess 8.2_20170817 and earlier, 8.3.0 and earlier; WebAccess Dashboard 2.0.15 and earlier; WebAccess Scada Node 8.3.1 and earlier; WebAccess/NMS 2.0.3 and earlier",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-10591"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005069"
},
{
"db": "CNVD",
"id": "CNVD-2018-10703"
},
{
"db": "BID",
"id": "104190"
},
{
"db": "IVD",
"id": "e2f0bf10-39ab-11e9-aed2-000c29342cb1"
},
{
"db": "VULHUB",
"id": "VHN-120366"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-10591",
"trust": 3.6
},
{
"db": "ICS CERT",
"id": "ICSA-18-135-01",
"trust": 3.4
},
{
"db": "BID",
"id": "104190",
"trust": 2.6
},
{
"db": "CNNVD",
"id": "CNNVD-201805-449",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2018-10703",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005069",
"trust": 0.8
},
{
"db": "IVD",
"id": "E2F0BF10-39AB-11E9-AED2-000C29342CB1",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-120366",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "e2f0bf10-39ab-11e9-aed2-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-10703"
},
{
"db": "VULHUB",
"id": "VHN-120366"
},
{
"db": "BID",
"id": "104190"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005069"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-449"
},
{
"db": "NVD",
"id": "CVE-2018-10591"
}
]
},
"id": "VAR-201805-0251",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "e2f0bf10-39ab-11e9-aed2-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-10703"
},
{
"db": "VULHUB",
"id": "VHN-120366"
}
],
"trust": 1.5434040525000001
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "e2f0bf10-39ab-11e9-aed2-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-10703"
}
]
},
"last_update_date": "2024-11-23T21:53:07.737000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Advantech WebAccess",
"trust": 0.8,
"url": "http://www.advantech.com/industrial-automation/webaccess/webaccessscada"
},
{
"title": "Advantech WebAccess Source Validation Vulnerability Patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/130839"
},
{
"title": "Multiple Advantech Product security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=80059"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-10703"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005069"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-449"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-384",
"trust": 1.9
},
{
"problemtype": "CWE-346",
"trust": 1.0
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-120366"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005069"
},
{
"db": "NVD",
"id": "CVE-2018-10591"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.4,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-18-135-01"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/104190"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-10591"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-10591"
},
{
"trust": 0.3,
"url": "http://webaccess.advantech.com"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-10703"
},
{
"db": "VULHUB",
"id": "VHN-120366"
},
{
"db": "BID",
"id": "104190"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005069"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-449"
},
{
"db": "NVD",
"id": "CVE-2018-10591"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "e2f0bf10-39ab-11e9-aed2-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-10703"
},
{
"db": "VULHUB",
"id": "VHN-120366"
},
{
"db": "BID",
"id": "104190"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005069"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-449"
},
{
"db": "NVD",
"id": "CVE-2018-10591"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-05-31T00:00:00",
"db": "IVD",
"id": "e2f0bf10-39ab-11e9-aed2-000c29342cb1"
},
{
"date": "2018-05-31T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-10703"
},
{
"date": "2018-05-15T00:00:00",
"db": "VULHUB",
"id": "VHN-120366"
},
{
"date": "2018-05-15T00:00:00",
"db": "BID",
"id": "104190"
},
{
"date": "2018-07-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-005069"
},
{
"date": "2018-05-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201805-449"
},
{
"date": "2018-05-15T22:29:00.363000",
"db": "NVD",
"id": "CVE-2018-10591"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-05-31T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-10703"
},
{
"date": "2019-10-09T00:00:00",
"db": "VULHUB",
"id": "VHN-120366"
},
{
"date": "2018-05-15T00:00:00",
"db": "BID",
"id": "104190"
},
{
"date": "2018-07-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-005069"
},
{
"date": "2019-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201805-449"
},
{
"date": "2024-11-21T03:41:37.217000",
"db": "NVD",
"id": "CVE-2018-10591"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201805-449"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Advantech WebAccess Source Validation Error Vulnerability",
"sources": [
{
"db": "IVD",
"id": "e2f0bf10-39ab-11e9-aed2-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-10703"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "authorization issue",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201805-449"
}
],
"trust": 0.6
}
}
VAR-201805-1145
Vulnerability from variot - Updated: 2024-11-23 21:53In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and WebAccess/NMS 2.0.3 and prior, a path transversal vulnerability has been identified, which may allow an attacker to disclose sensitive information on the target. plural Advantech WebAccess The product contains a path traversal vulnerability.Information may be obtained. This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Advantech WebAccess NMS. Authentication is not required to exploit this vulnerability.The specific flaw exists within the DownloadAction servlet. When parsing the filename and taskname parameters, the process does not properly validate a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose sensitive information under the context of SYSTEM. Advantech WebAccess and others are products of Advantech. Advantech WebAccess is a browser-based HMI/SCADA software. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. WebAccess Dashboard is one of the dashboard components; WebAccess Scada Node is one of the monitoring node components. WebAccess/NMS is a suite of web browsers for the Network Management System (NMS). Advantech WebAccess is prone to the following security vulnerabilities: 1. Multiple SQL-injection vulnerabilities 2. An information-disclosure vulnerability 3. A file-upload vulnerability 4. Multiple directory-traversal vulnerabilities 5. Multiple stack-based buffer-overflow vulnerabilities 6. A heap-based buffer-overflow vulnerability 7. Multiple arbitrary code-execution vulnerabilities 8. A denial-of-service vulnerability 9. A security-bypass vulnerability 10. A privilege-escalation vulnerability An attacker can exploit these issues to execute arbitrary code in the context of the application, or modify data, or exploit latent vulnerabilities in the underlying database, delete arbitrary files, gain elevated privileges, perform certain unauthorized actions, upload arbitrary files to the affected application gain unauthorized access and obtain sensitive information. Failed attacks will cause denial of service conditions. Advantech WebAccess, etc. The following versions are affected: Advantech WebAccess 8.2_20170817 and earlier, 8.3.0 and earlier; WebAccess Dashboard 2.0.15 and earlier; WebAccess Scada Node 8.3.1 and earlier; WebAccess/NMS 2.0.3 and earlier
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "webaccess",
"scope": "lte",
"trust": 1.8,
"vendor": "advantech",
"version": "8.2_20170817"
},
{
"_id": null,
"model": "webaccess",
"scope": "lte",
"trust": 1.8,
"vendor": "advantech",
"version": "8.3.0"
},
{
"_id": null,
"model": "webaccess dashboard",
"scope": "lte",
"trust": 1.8,
"vendor": "advantech",
"version": "2.0.15"
},
{
"_id": null,
"model": "webaccess scada node",
"scope": "lt",
"trust": 1.4,
"vendor": "advantech",
"version": "8.3.1"
},
{
"_id": null,
"model": "webaccess\\/nms",
"scope": "lte",
"trust": 1.0,
"vendor": "advantech",
"version": "2.0.3"
},
{
"_id": null,
"model": "webaccess scada",
"scope": "lt",
"trust": 1.0,
"vendor": "advantech",
"version": "8.3.1"
},
{
"_id": null,
"model": "webaccess dashboard",
"scope": "eq",
"trust": 0.9,
"vendor": "advantech",
"version": "2.0.15"
},
{
"_id": null,
"model": "webaccess/nms",
"scope": "lte",
"trust": 0.8,
"vendor": "advantech",
"version": "2.0.3"
},
{
"_id": null,
"model": "webaccess",
"scope": null,
"trust": 0.7,
"vendor": "advantech",
"version": null
},
{
"_id": null,
"model": "webaccess \u003c=v8.2 20170817",
"scope": null,
"trust": 0.6,
"vendor": "advantech",
"version": null
},
{
"_id": null,
"model": "webaccess",
"scope": "lte",
"trust": 0.6,
"vendor": "advantech",
"version": "\u003c=8.3.0"
},
{
"_id": null,
"model": "webaccess dashboard",
"scope": "lte",
"trust": 0.6,
"vendor": "advantech",
"version": "\u003c=2.0.15"
},
{
"_id": null,
"model": "webaccess/nms",
"scope": "lte",
"trust": 0.6,
"vendor": "advantech",
"version": "\u003c=2.0.3"
},
{
"_id": null,
"model": "webaccess",
"scope": "eq",
"trust": 0.6,
"vendor": "advantech",
"version": "8.3.0"
},
{
"_id": null,
"model": "webaccess",
"scope": "eq",
"trust": 0.6,
"vendor": "advantech",
"version": "8.2_20170817"
},
{
"_id": null,
"model": "webaccess\\/nms",
"scope": "eq",
"trust": 0.6,
"vendor": "advantech",
"version": "2.0.3"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "webaccess",
"version": "*"
},
{
"_id": null,
"model": "webaccess/nms",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "2.0.3"
},
{
"_id": null,
"model": "webaccess/nms",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "2.0"
},
{
"_id": null,
"model": "webaccess scada node",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "8.3"
},
{
"_id": null,
"model": "webaccess dashboard",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "2.0"
},
{
"_id": null,
"model": "webaccess",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "8.3"
},
{
"_id": null,
"model": "webaccess 8.2 20170817",
"scope": null,
"trust": 0.3,
"vendor": "advantech",
"version": null
},
{
"_id": null,
"model": "webaccess 8.2 20170330",
"scope": null,
"trust": 0.3,
"vendor": "advantech",
"version": null
},
{
"_id": null,
"model": "webaccess",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "8.2"
},
{
"_id": null,
"model": "webaccess 8.1 20160519",
"scope": null,
"trust": 0.3,
"vendor": "advantech",
"version": null
},
{
"_id": null,
"model": "webaccess",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "8.1"
},
{
"_id": null,
"model": "webaccess 8.0 20150816",
"scope": null,
"trust": 0.3,
"vendor": "advantech",
"version": null
},
{
"_id": null,
"model": "webaccess",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "8"
},
{
"_id": null,
"model": "webaccess",
"scope": "ne",
"trust": 0.3,
"vendor": "advantech",
"version": "8.3.1"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "webaccess dashboard",
"version": "*"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "webaccess scada",
"version": "*"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "webaccess nms",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "e2f0e621-39ab-11e9-9c2c-000c29342cb1"
},
{
"db": "ZDI",
"id": "ZDI-18-471"
},
{
"db": "CNVD",
"id": "CNVD-2018-10709"
},
{
"db": "BID",
"id": "104190"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005074"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-444"
},
{
"db": "NVD",
"id": "CVE-2018-7503"
}
]
},
"configurations": {
"_id": null,
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:advantech:webaccess",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:advantech:webaccess_dashboard",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:advantech:webaccess_scada",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:advantech:webaccess%2fnms",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-005074"
}
]
},
"credits": {
"_id": null,
"data": "rgod",
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-471"
}
],
"trust": 0.7
},
"cve": "CVE-2018-7503",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2018-7503",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "NONE",
"baseScore": 7.8,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2018-7503",
"impactScore": 6.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "HIGH",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.5,
"id": "CNVD-2018-10709",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.6,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.5,
"id": "e2f0e621-39ab-11e9-9c2c-000c29342cb1",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.2,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-137535",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2018-7503",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-7503",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2018-7503",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2018-7503",
"trust": 0.7,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2018-10709",
"trust": 0.6,
"value": "LOW"
},
{
"author": "CNNVD",
"id": "CNNVD-201805-444",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "IVD",
"id": "e2f0e621-39ab-11e9-9c2c-000c29342cb1",
"trust": 0.2,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-137535",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "e2f0e621-39ab-11e9-9c2c-000c29342cb1"
},
{
"db": "ZDI",
"id": "ZDI-18-471"
},
{
"db": "CNVD",
"id": "CNVD-2018-10709"
},
{
"db": "VULHUB",
"id": "VHN-137535"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005074"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-444"
},
{
"db": "NVD",
"id": "CVE-2018-7503"
}
]
},
"description": {
"_id": null,
"data": "In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and WebAccess/NMS 2.0.3 and prior, a path transversal vulnerability has been identified, which may allow an attacker to disclose sensitive information on the target. plural Advantech WebAccess The product contains a path traversal vulnerability.Information may be obtained. This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Advantech WebAccess NMS. Authentication is not required to exploit this vulnerability.The specific flaw exists within the DownloadAction servlet. When parsing the filename and taskname parameters, the process does not properly validate a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose sensitive information under the context of SYSTEM. Advantech WebAccess and others are products of Advantech. Advantech WebAccess is a browser-based HMI/SCADA software. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. WebAccess Dashboard is one of the dashboard components; WebAccess Scada Node is one of the monitoring node components. WebAccess/NMS is a suite of web browsers for the Network Management System (NMS). Advantech WebAccess is prone to the following security vulnerabilities:\n1. Multiple SQL-injection vulnerabilities\n2. An information-disclosure vulnerability\n3. A file-upload vulnerability\n4. Multiple directory-traversal vulnerabilities\n5. Multiple stack-based buffer-overflow vulnerabilities\n6. A heap-based buffer-overflow vulnerability\n7. Multiple arbitrary code-execution vulnerabilities\n8. A denial-of-service vulnerability\n9. A security-bypass vulnerability\n10. A privilege-escalation vulnerability\nAn attacker can exploit these issues to execute arbitrary code in the context of the application, or modify data, or exploit latent vulnerabilities in the underlying database, delete arbitrary files, gain elevated privileges, perform certain unauthorized actions, upload arbitrary files to the affected application gain unauthorized access and obtain sensitive information. Failed attacks will cause denial of service conditions. Advantech WebAccess, etc. The following versions are affected: Advantech WebAccess 8.2_20170817 and earlier, 8.3.0 and earlier; WebAccess Dashboard 2.0.15 and earlier; WebAccess Scada Node 8.3.1 and earlier; WebAccess/NMS 2.0.3 and earlier",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-7503"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005074"
},
{
"db": "ZDI",
"id": "ZDI-18-471"
},
{
"db": "CNVD",
"id": "CNVD-2018-10709"
},
{
"db": "BID",
"id": "104190"
},
{
"db": "IVD",
"id": "e2f0e621-39ab-11e9-9c2c-000c29342cb1"
},
{
"db": "VULHUB",
"id": "VHN-137535"
}
],
"trust": 3.33
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2018-7503",
"trust": 4.3
},
{
"db": "ICS CERT",
"id": "ICSA-18-135-01",
"trust": 3.4
},
{
"db": "BID",
"id": "104190",
"trust": 2.6
},
{
"db": "CNVD",
"id": "CNVD-2018-10709",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201805-444",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005074",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-5477",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-471",
"trust": 0.7
},
{
"db": "IVD",
"id": "E2F0E621-39AB-11E9-9C2C-000C29342CB1",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-137535",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "e2f0e621-39ab-11e9-9c2c-000c29342cb1"
},
{
"db": "ZDI",
"id": "ZDI-18-471"
},
{
"db": "CNVD",
"id": "CNVD-2018-10709"
},
{
"db": "VULHUB",
"id": "VHN-137535"
},
{
"db": "BID",
"id": "104190"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005074"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-444"
},
{
"db": "NVD",
"id": "CVE-2018-7503"
}
]
},
"id": "VAR-201805-1145",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "IVD",
"id": "e2f0e621-39ab-11e9-9c2c-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-10709"
},
{
"db": "VULHUB",
"id": "VHN-137535"
}
],
"trust": 1.5434040525000001
},
"iot_taxonomy": {
"_id": null,
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "e2f0e621-39ab-11e9-9c2c-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-10709"
}
]
},
"last_update_date": "2024-11-23T21:53:07.688000Z",
"patch": {
"_id": null,
"data": [
{
"title": "\u30c8\u30c3\u30d7\u30da\u30fc\u30b8",
"trust": 0.8,
"url": "http://www.advantech.co.jp/"
},
{
"title": "Advantech has issued an update to correct this vulnerability.",
"trust": 0.7,
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-135-01"
},
{
"title": "Patch for Advantech WebAccess Path Traversal Vulnerability (CNVD-2018-10709)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/130717"
},
{
"title": "Multiple Advantech Product path traversal vulnerability fixes",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=80054"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-471"
},
{
"db": "CNVD",
"id": "CNVD-2018-10709"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005074"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-444"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-22",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-137535"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005074"
},
{
"db": "NVD",
"id": "CVE-2018-7503"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 4.1,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-18-135-01"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/104190"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-7503"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-7503"
},
{
"trust": 0.3,
"url": "http://webaccess.advantech.com"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-471"
},
{
"db": "CNVD",
"id": "CNVD-2018-10709"
},
{
"db": "VULHUB",
"id": "VHN-137535"
},
{
"db": "BID",
"id": "104190"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005074"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-444"
},
{
"db": "NVD",
"id": "CVE-2018-7503"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "IVD",
"id": "e2f0e621-39ab-11e9-9c2c-000c29342cb1",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-18-471",
"ident": null
},
{
"db": "CNVD",
"id": "CNVD-2018-10709",
"ident": null
},
{
"db": "VULHUB",
"id": "VHN-137535",
"ident": null
},
{
"db": "BID",
"id": "104190",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005074",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-201805-444",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2018-7503",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2018-05-31T00:00:00",
"db": "IVD",
"id": "e2f0e621-39ab-11e9-9c2c-000c29342cb1",
"ident": null
},
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-471",
"ident": null
},
{
"date": "2018-05-31T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-10709",
"ident": null
},
{
"date": "2018-05-15T00:00:00",
"db": "VULHUB",
"id": "VHN-137535",
"ident": null
},
{
"date": "2018-05-15T00:00:00",
"db": "BID",
"id": "104190",
"ident": null
},
{
"date": "2018-07-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-005074",
"ident": null
},
{
"date": "2018-05-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201805-444",
"ident": null
},
{
"date": "2018-05-15T22:29:00.597000",
"db": "NVD",
"id": "CVE-2018-7503",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-471",
"ident": null
},
{
"date": "2018-05-31T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-10709",
"ident": null
},
{
"date": "2019-10-09T00:00:00",
"db": "VULHUB",
"id": "VHN-137535",
"ident": null
},
{
"date": "2018-05-15T00:00:00",
"db": "BID",
"id": "104190",
"ident": null
},
{
"date": "2018-07-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-005074",
"ident": null
},
{
"date": "2019-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201805-444",
"ident": null
},
{
"date": "2024-11-21T04:12:15.480000",
"db": "NVD",
"id": "CVE-2018-7503",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201805-444"
}
],
"trust": 0.6
},
"title": {
"_id": null,
"data": "plural Advantech WebAccess Path traversal vulnerability in products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-005074"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "Path traversal",
"sources": [
{
"db": "IVD",
"id": "e2f0e621-39ab-11e9-9c2c-000c29342cb1"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-444"
}
],
"trust": 0.8
}
}
VAR-201805-0249
Vulnerability from variot - Updated: 2024-11-23 21:53In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and WebAccess/NMS 2.0.3 and prior, a path transversal vulnerability has been identified, which may allow an attacker to execute arbitrary code. Advantech WebAccess Contains a path traversal vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess. Authentication is not required to exploit this vulnerability.The specific flaw exists within the implementation of the 0x2711 IOCTL in the webvrpcs process. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this functionality to execute code under the context of Administrator. Advantech WebAccess and others are products of Advantech. Advantech WebAccess is a browser-based HMI/SCADA software. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. WebAccess Dashboard is one of the dashboard components; WebAccess Scada Node is one of the monitoring node components. WebAccess/NMS is a suite of web browsers for the Network Management System (NMS). A path traversal vulnerability exists in several Advantech products. Advantech WebAccess is prone to the following security vulnerabilities: 1. Multiple SQL-injection vulnerabilities 2. An information-disclosure vulnerability 3. A file-upload vulnerability 4. Multiple directory-traversal vulnerabilities 5. Multiple stack-based buffer-overflow vulnerabilities 6. A heap-based buffer-overflow vulnerability 7. Multiple arbitrary code-execution vulnerabilities 8. A denial-of-service vulnerability 9. A security-bypass vulnerability 10. A privilege-escalation vulnerability An attacker can exploit these issues to execute arbitrary code in the context of the application, or modify data, or exploit latent vulnerabilities in the underlying database, delete arbitrary files, gain elevated privileges, perform certain unauthorized actions, upload arbitrary files to the affected application gain unauthorized access and obtain sensitive information. Failed attacks will cause denial of service conditions. Advantech WebAccess, etc. Advantech WebAccess is a set of HMI/SCADA software based on browser architecture. The following versions are affected: Advantech WebAccess 8.2_20170817 and earlier, 8.3.0 and earlier; WebAccess Dashboard 2.0.15 and earlier; WebAccess Scada Node 8.3.1 and earlier; WebAccess/NMS 2.0.3 and earlier
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201805-0249",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "webaccess",
"scope": "lte",
"trust": 1.8,
"vendor": "advantech",
"version": "8.2_20170817"
},
{
"model": "webaccess",
"scope": "lte",
"trust": 1.8,
"vendor": "advantech",
"version": "8.3.0"
},
{
"model": "webaccess dashboard",
"scope": "lte",
"trust": 1.8,
"vendor": "advantech",
"version": "2.0.15"
},
{
"model": "webaccess scada node",
"scope": "lt",
"trust": 1.4,
"vendor": "advantech",
"version": "8.3.1"
},
{
"model": "webaccess\\/nms",
"scope": "lte",
"trust": 1.0,
"vendor": "advantech",
"version": "2.0.3"
},
{
"model": "webaccess scada",
"scope": "lt",
"trust": 1.0,
"vendor": "advantech",
"version": "8.3.1"
},
{
"model": "webaccess dashboard",
"scope": "eq",
"trust": 0.9,
"vendor": "advantech",
"version": "2.0.15"
},
{
"model": "webaccess/nms",
"scope": "lte",
"trust": 0.8,
"vendor": "advantech",
"version": "2.0.3"
},
{
"model": "webaccess",
"scope": null,
"trust": 0.7,
"vendor": "advantech",
"version": null
},
{
"model": "webaccess \u003c=8.2 20170817",
"scope": null,
"trust": 0.6,
"vendor": "advantech",
"version": null
},
{
"model": "webaccess",
"scope": "lte",
"trust": 0.6,
"vendor": "advantech",
"version": "\u003c=8.3.0"
},
{
"model": "webaccess dashboard",
"scope": "lte",
"trust": 0.6,
"vendor": "advantech",
"version": "\u003c=2.0.15"
},
{
"model": "webaccess/nms",
"scope": "lte",
"trust": 0.6,
"vendor": "advantech",
"version": "\u003c=2.0.3"
},
{
"model": "webaccess",
"scope": "eq",
"trust": 0.6,
"vendor": "advantech",
"version": "8.3.0"
},
{
"model": "webaccess",
"scope": "eq",
"trust": 0.6,
"vendor": "advantech",
"version": "8.2_20170817"
},
{
"model": "webaccess\\/nms",
"scope": "eq",
"trust": 0.6,
"vendor": "advantech",
"version": "2.0.3"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "webaccess",
"version": "*"
},
{
"model": "webaccess/nms",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "2.0.3"
},
{
"model": "webaccess/nms",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "2.0"
},
{
"model": "webaccess scada node",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "8.3"
},
{
"model": "webaccess dashboard",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "2.0"
},
{
"model": "webaccess",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "8.3"
},
{
"model": "webaccess 8.2 20170817",
"scope": null,
"trust": 0.3,
"vendor": "advantech",
"version": null
},
{
"model": "webaccess 8.2 20170330",
"scope": null,
"trust": 0.3,
"vendor": "advantech",
"version": null
},
{
"model": "webaccess",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "8.2"
},
{
"model": "webaccess 8.1 20160519",
"scope": null,
"trust": 0.3,
"vendor": "advantech",
"version": null
},
{
"model": "webaccess",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "8.1"
},
{
"model": "webaccess 8.0 20150816",
"scope": null,
"trust": 0.3,
"vendor": "advantech",
"version": null
},
{
"model": "webaccess",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "8"
},
{
"model": "webaccess",
"scope": "ne",
"trust": 0.3,
"vendor": "advantech",
"version": "8.3.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "webaccess dashboard",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "webaccess scada",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "webaccess nms",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "e2f18262-39ab-11e9-8aec-000c29342cb1"
},
{
"db": "ZDI",
"id": "ZDI-18-483"
},
{
"db": "CNVD",
"id": "CNVD-2018-10660"
},
{
"db": "BID",
"id": "104190"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005067"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-451"
},
{
"db": "NVD",
"id": "CVE-2018-10589"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:advantech:advantech_webaccess",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:advantech:webaccess_dashboard",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:advantech:webaccess_scada",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:advantech:webaccess%2fnms",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-005067"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Steven Seeley (mr_me) of Offensive Security",
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-483"
}
],
"trust": 0.7
},
"cve": "CVE-2018-10589",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2018-10589",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2018-10589",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "HIGH",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2018-10660",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "e2f18262-39ab-11e9-8aec-000c29342cb1",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-120363",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2018-10589",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-10589",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2018-10589",
"trust": 0.8,
"value": "Critical"
},
{
"author": "ZDI",
"id": "CVE-2018-10589",
"trust": 0.7,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2018-10660",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201805-451",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "IVD",
"id": "e2f18262-39ab-11e9-8aec-000c29342cb1",
"trust": 0.2,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-120363",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "e2f18262-39ab-11e9-8aec-000c29342cb1"
},
{
"db": "ZDI",
"id": "ZDI-18-483"
},
{
"db": "CNVD",
"id": "CNVD-2018-10660"
},
{
"db": "VULHUB",
"id": "VHN-120363"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005067"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-451"
},
{
"db": "NVD",
"id": "CVE-2018-10589"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and WebAccess/NMS 2.0.3 and prior, a path transversal vulnerability has been identified, which may allow an attacker to execute arbitrary code. Advantech WebAccess Contains a path traversal vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess. Authentication is not required to exploit this vulnerability.The specific flaw exists within the implementation of the 0x2711 IOCTL in the webvrpcs process. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this functionality to execute code under the context of Administrator. Advantech WebAccess and others are products of Advantech. Advantech WebAccess is a browser-based HMI/SCADA software. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. WebAccess Dashboard is one of the dashboard components; WebAccess Scada Node is one of the monitoring node components. WebAccess/NMS is a suite of web browsers for the Network Management System (NMS). A path traversal vulnerability exists in several Advantech products. Advantech WebAccess is prone to the following security vulnerabilities:\n1. Multiple SQL-injection vulnerabilities\n2. An information-disclosure vulnerability\n3. A file-upload vulnerability\n4. Multiple directory-traversal vulnerabilities\n5. Multiple stack-based buffer-overflow vulnerabilities\n6. A heap-based buffer-overflow vulnerability\n7. Multiple arbitrary code-execution vulnerabilities\n8. A denial-of-service vulnerability\n9. A security-bypass vulnerability\n10. A privilege-escalation vulnerability\nAn attacker can exploit these issues to execute arbitrary code in the context of the application, or modify data, or exploit latent vulnerabilities in the underlying database, delete arbitrary files, gain elevated privileges, perform certain unauthorized actions, upload arbitrary files to the affected application gain unauthorized access and obtain sensitive information. Failed attacks will cause denial of service conditions. Advantech WebAccess, etc. Advantech WebAccess is a set of HMI/SCADA software based on browser architecture. The following versions are affected: Advantech WebAccess 8.2_20170817 and earlier, 8.3.0 and earlier; WebAccess Dashboard 2.0.15 and earlier; WebAccess Scada Node 8.3.1 and earlier; WebAccess/NMS 2.0.3 and earlier",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-10589"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005067"
},
{
"db": "ZDI",
"id": "ZDI-18-483"
},
{
"db": "CNVD",
"id": "CNVD-2018-10660"
},
{
"db": "BID",
"id": "104190"
},
{
"db": "IVD",
"id": "e2f18262-39ab-11e9-8aec-000c29342cb1"
},
{
"db": "VULHUB",
"id": "VHN-120363"
}
],
"trust": 3.33
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-10589",
"trust": 4.3
},
{
"db": "ICS CERT",
"id": "ICSA-18-135-01",
"trust": 3.4
},
{
"db": "BID",
"id": "104190",
"trust": 2.6
},
{
"db": "CNVD",
"id": "CNVD-2018-10660",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201805-451",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005067",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-5627",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-483",
"trust": 0.7
},
{
"db": "IVD",
"id": "E2F18262-39AB-11E9-8AEC-000C29342CB1",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-120363",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "e2f18262-39ab-11e9-8aec-000c29342cb1"
},
{
"db": "ZDI",
"id": "ZDI-18-483"
},
{
"db": "CNVD",
"id": "CNVD-2018-10660"
},
{
"db": "VULHUB",
"id": "VHN-120363"
},
{
"db": "BID",
"id": "104190"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005067"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-451"
},
{
"db": "NVD",
"id": "CVE-2018-10589"
}
]
},
"id": "VAR-201805-0249",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "e2f18262-39ab-11e9-8aec-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-10660"
},
{
"db": "VULHUB",
"id": "VHN-120363"
}
],
"trust": 1.5434040525000001
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "e2f18262-39ab-11e9-8aec-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-10660"
}
]
},
"last_update_date": "2024-11-23T21:53:07.534000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Advantech WebAccess",
"trust": 0.8,
"url": "http://www.advantech.com/industrial-automation/webaccess/webaccessscada"
},
{
"title": "Advantech has issued an update to correct this vulnerability.",
"trust": 0.7,
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-135-01"
},
{
"title": "Patch for Advantech WebAccess Path Traversal Vulnerability (CNVD-2018-10660)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/130697"
},
{
"title": "Multiple Advantech Product path traversal vulnerability fixes",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=80061"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-483"
},
{
"db": "CNVD",
"id": "CNVD-2018-10660"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005067"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-451"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-22",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-120363"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005067"
},
{
"db": "NVD",
"id": "CVE-2018-10589"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 4.1,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-18-135-01"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/104190"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-10589"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-10589"
},
{
"trust": 0.3,
"url": "http://webaccess.advantech.com"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-483"
},
{
"db": "CNVD",
"id": "CNVD-2018-10660"
},
{
"db": "VULHUB",
"id": "VHN-120363"
},
{
"db": "BID",
"id": "104190"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005067"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-451"
},
{
"db": "NVD",
"id": "CVE-2018-10589"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "e2f18262-39ab-11e9-8aec-000c29342cb1"
},
{
"db": "ZDI",
"id": "ZDI-18-483"
},
{
"db": "CNVD",
"id": "CNVD-2018-10660"
},
{
"db": "VULHUB",
"id": "VHN-120363"
},
{
"db": "BID",
"id": "104190"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005067"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-451"
},
{
"db": "NVD",
"id": "CVE-2018-10589"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-05-31T00:00:00",
"db": "IVD",
"id": "e2f18262-39ab-11e9-8aec-000c29342cb1"
},
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-483"
},
{
"date": "2018-05-31T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-10660"
},
{
"date": "2018-05-15T00:00:00",
"db": "VULHUB",
"id": "VHN-120363"
},
{
"date": "2018-05-15T00:00:00",
"db": "BID",
"id": "104190"
},
{
"date": "2018-07-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-005067"
},
{
"date": "2018-05-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201805-451"
},
{
"date": "2018-05-15T22:29:00.267000",
"db": "NVD",
"id": "CVE-2018-10589"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-09-13T00:00:00",
"db": "ZDI",
"id": "ZDI-18-483"
},
{
"date": "2018-05-31T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-10660"
},
{
"date": "2019-10-09T00:00:00",
"db": "VULHUB",
"id": "VHN-120363"
},
{
"date": "2018-05-15T00:00:00",
"db": "BID",
"id": "104190"
},
{
"date": "2018-07-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-005067"
},
{
"date": "2019-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201805-451"
},
{
"date": "2024-11-21T03:41:36.973000",
"db": "NVD",
"id": "CVE-2018-10589"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201805-451"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Advantech WebAccess Path traversal vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-005067"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Path traversal",
"sources": [
{
"db": "IVD",
"id": "e2f18262-39ab-11e9-8aec-000c29342cb1"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-451"
}
],
"trust": 0.8
}
}
VAR-201805-1146
Vulnerability from variot - Updated: 2024-11-23 21:53In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and WebAccess/NMS 2.0.3 and prior, a TFTP application has unrestricted file uploads to the web application without authorization, which may allow an attacker to execute arbitrary code. plural Advantech WebAccess The product contains a vulnerability related to unlimited uploads of dangerous types of files.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. This vulnerability allows remote attackers to execute code on vulnerable installations of Advantech WebAccess NMS. Authentication is not required to exploit this vulnerability.The specific flaw exists within the configuration of the TFTP service. The issue results from the lack of proper validation of user-supplied data, which can allow for the upload of arbitrary files. An attacker can leverage this vulnerability to execute code under the context of SYSTEM. Advantech WebAccess and others are products of Advantech. Advantech WebAccess is a browser-based HMI/SCADA software. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. WebAccess Dashboard is one of the dashboard components; WebAccess Scada Node is one of the monitoring node components. WebAccess/NMS is a suite of web browsers for the Network Management System (NMS). A privilege elevation vulnerability exists in several Advantech products that stems from a TFTP application that allows unauthorized uploading of arbitrary files to a web application. Advantech WebAccess is prone to the following security vulnerabilities: 1. Multiple SQL-injection vulnerabilities 2. An information-disclosure vulnerability 3. A file-upload vulnerability 4. Multiple directory-traversal vulnerabilities 5. Multiple stack-based buffer-overflow vulnerabilities 6. A heap-based buffer-overflow vulnerability 7. Multiple arbitrary code-execution vulnerabilities 8. A denial-of-service vulnerability 9. A security-bypass vulnerability 10. Failed attacks will cause denial of service conditions. Advantech WebAccess, etc. Advantech WebAccess is a set of HMI/SCADA software based on browser architecture. An escalation of privilege vulnerability exists in several Advantech products. The following versions are affected: Advantech WebAccess 8.2_20170817 and earlier, 8.3.0 and earlier; WebAccess Dashboard 2.0.15 and earlier; WebAccess Scada Node 8.3.1 and earlier; WebAccess/NMS 2.0.3 and earlier
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "webaccess",
"scope": "lte",
"trust": 1.8,
"vendor": "advantech",
"version": "8.2_20170817"
},
{
"_id": null,
"model": "webaccess",
"scope": "lte",
"trust": 1.8,
"vendor": "advantech",
"version": "8.3.0"
},
{
"_id": null,
"model": "webaccess dashboard",
"scope": "lte",
"trust": 1.8,
"vendor": "advantech",
"version": "2.0.15"
},
{
"_id": null,
"model": "webaccess\\/nms",
"scope": "lte",
"trust": 1.0,
"vendor": "advantech",
"version": "2.0.3"
},
{
"_id": null,
"model": "webaccess scada",
"scope": "lt",
"trust": 1.0,
"vendor": "advantech",
"version": "8.3.1"
},
{
"_id": null,
"model": "webaccess dashboard",
"scope": "eq",
"trust": 0.9,
"vendor": "advantech",
"version": "2.0.15"
},
{
"_id": null,
"model": "webaccess scada node",
"scope": "lt",
"trust": 0.8,
"vendor": "advantech",
"version": "8.3.1"
},
{
"_id": null,
"model": "webaccess/nms",
"scope": "lte",
"trust": 0.8,
"vendor": "advantech",
"version": "2.0.3"
},
{
"_id": null,
"model": "webaccess",
"scope": null,
"trust": 0.7,
"vendor": "advantech",
"version": null
},
{
"_id": null,
"model": "webaccess \u003c=v8.2 20170817",
"scope": null,
"trust": 0.6,
"vendor": "advantech",
"version": null
},
{
"_id": null,
"model": "webaccess",
"scope": "lte",
"trust": 0.6,
"vendor": "advantech",
"version": "\u003c=8.3.0"
},
{
"_id": null,
"model": "webaccess dashboard",
"scope": "lte",
"trust": 0.6,
"vendor": "advantech",
"version": "\u003c=2.0.15"
},
{
"_id": null,
"model": "webaccess/nms",
"scope": "lte",
"trust": 0.6,
"vendor": "advantech",
"version": "\u003c=2.0.3"
},
{
"_id": null,
"model": "webaccess scada node",
"scope": "lte",
"trust": 0.6,
"vendor": "advantech",
"version": "\u003c=8.3.1"
},
{
"_id": null,
"model": "webaccess",
"scope": "eq",
"trust": 0.6,
"vendor": "advantech",
"version": "8.3.0"
},
{
"_id": null,
"model": "webaccess",
"scope": "eq",
"trust": 0.6,
"vendor": "advantech",
"version": "8.2_20170817"
},
{
"_id": null,
"model": "webaccess\\/nms",
"scope": "eq",
"trust": 0.6,
"vendor": "advantech",
"version": "2.0.3"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "webaccess",
"version": "*"
},
{
"_id": null,
"model": "webaccess/nms",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "2.0.3"
},
{
"_id": null,
"model": "webaccess/nms",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "2.0"
},
{
"_id": null,
"model": "webaccess scada node",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "8.3"
},
{
"_id": null,
"model": "webaccess dashboard",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "2.0"
},
{
"_id": null,
"model": "webaccess",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "8.3"
},
{
"_id": null,
"model": "webaccess 8.2 20170817",
"scope": null,
"trust": 0.3,
"vendor": "advantech",
"version": null
},
{
"_id": null,
"model": "webaccess 8.2 20170330",
"scope": null,
"trust": 0.3,
"vendor": "advantech",
"version": null
},
{
"_id": null,
"model": "webaccess",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "8.2"
},
{
"_id": null,
"model": "webaccess 8.1 20160519",
"scope": null,
"trust": 0.3,
"vendor": "advantech",
"version": null
},
{
"_id": null,
"model": "webaccess",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "8.1"
},
{
"_id": null,
"model": "webaccess 8.0 20150816",
"scope": null,
"trust": 0.3,
"vendor": "advantech",
"version": null
},
{
"_id": null,
"model": "webaccess",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "8"
},
{
"_id": null,
"model": "webaccess",
"scope": "ne",
"trust": 0.3,
"vendor": "advantech",
"version": "8.3.1"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "webaccess dashboard",
"version": "*"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "webaccess scada",
"version": "*"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "webaccess nms",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "e2f700a1-39ab-11e9-8a88-000c29342cb1"
},
{
"db": "ZDI",
"id": "ZDI-18-470"
},
{
"db": "CNVD",
"id": "CNVD-2018-13785"
},
{
"db": "BID",
"id": "104190"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005075"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-443"
},
{
"db": "NVD",
"id": "CVE-2018-7505"
}
]
},
"configurations": {
"_id": null,
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:advantech:webaccess",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:advantech:webaccess_dashboard",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:advantech:webaccess_scada",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:advantech:webaccess%2fnms",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-005075"
}
]
},
"credits": {
"_id": null,
"data": "rgod",
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-470"
}
],
"trust": 0.7
},
"cve": "CVE-2018-7505",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2018-7505",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2018-7505",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "HIGH",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2018-13785",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "e2f700a1-39ab-11e9-8a88-000c29342cb1",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-137537",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2018-7505",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-7505",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2018-7505",
"trust": 0.8,
"value": "Critical"
},
{
"author": "ZDI",
"id": "CVE-2018-7505",
"trust": 0.7,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2018-13785",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201805-443",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "IVD",
"id": "e2f700a1-39ab-11e9-8a88-000c29342cb1",
"trust": 0.2,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-137537",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "e2f700a1-39ab-11e9-8a88-000c29342cb1"
},
{
"db": "ZDI",
"id": "ZDI-18-470"
},
{
"db": "CNVD",
"id": "CNVD-2018-13785"
},
{
"db": "VULHUB",
"id": "VHN-137537"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005075"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-443"
},
{
"db": "NVD",
"id": "CVE-2018-7505"
}
]
},
"description": {
"_id": null,
"data": "In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and WebAccess/NMS 2.0.3 and prior, a TFTP application has unrestricted file uploads to the web application without authorization, which may allow an attacker to execute arbitrary code. plural Advantech WebAccess The product contains a vulnerability related to unlimited uploads of dangerous types of files.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. This vulnerability allows remote attackers to execute code on vulnerable installations of Advantech WebAccess NMS. Authentication is not required to exploit this vulnerability.The specific flaw exists within the configuration of the TFTP service. The issue results from the lack of proper validation of user-supplied data, which can allow for the upload of arbitrary files. An attacker can leverage this vulnerability to execute code under the context of SYSTEM. Advantech WebAccess and others are products of Advantech. Advantech WebAccess is a browser-based HMI/SCADA software. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. WebAccess Dashboard is one of the dashboard components; WebAccess Scada Node is one of the monitoring node components. WebAccess/NMS is a suite of web browsers for the Network Management System (NMS). A privilege elevation vulnerability exists in several Advantech products that stems from a TFTP application that allows unauthorized uploading of arbitrary files to a web application. Advantech WebAccess is prone to the following security vulnerabilities:\n1. Multiple SQL-injection vulnerabilities\n2. An information-disclosure vulnerability\n3. A file-upload vulnerability\n4. Multiple directory-traversal vulnerabilities\n5. Multiple stack-based buffer-overflow vulnerabilities\n6. A heap-based buffer-overflow vulnerability\n7. Multiple arbitrary code-execution vulnerabilities\n8. A denial-of-service vulnerability\n9. A security-bypass vulnerability\n10. Failed attacks will cause denial of service conditions. Advantech WebAccess, etc. Advantech WebAccess is a set of HMI/SCADA software based on browser architecture. An escalation of privilege vulnerability exists in several Advantech products. The following versions are affected: Advantech WebAccess 8.2_20170817 and earlier, 8.3.0 and earlier; WebAccess Dashboard 2.0.15 and earlier; WebAccess Scada Node 8.3.1 and earlier; WebAccess/NMS 2.0.3 and earlier",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-7505"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005075"
},
{
"db": "ZDI",
"id": "ZDI-18-470"
},
{
"db": "CNVD",
"id": "CNVD-2018-13785"
},
{
"db": "BID",
"id": "104190"
},
{
"db": "IVD",
"id": "e2f700a1-39ab-11e9-8a88-000c29342cb1"
},
{
"db": "VULHUB",
"id": "VHN-137537"
}
],
"trust": 3.33
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2018-7505",
"trust": 4.3
},
{
"db": "ICS CERT",
"id": "ICSA-18-135-01",
"trust": 3.4
},
{
"db": "BID",
"id": "104190",
"trust": 2.6
},
{
"db": "CNNVD",
"id": "CNNVD-201805-443",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2018-13785",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005075",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-5476",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-470",
"trust": 0.7
},
{
"db": "IVD",
"id": "E2F700A1-39AB-11E9-8A88-000C29342CB1",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-137537",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "e2f700a1-39ab-11e9-8a88-000c29342cb1"
},
{
"db": "ZDI",
"id": "ZDI-18-470"
},
{
"db": "CNVD",
"id": "CNVD-2018-13785"
},
{
"db": "VULHUB",
"id": "VHN-137537"
},
{
"db": "BID",
"id": "104190"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005075"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-443"
},
{
"db": "NVD",
"id": "CVE-2018-7505"
}
]
},
"id": "VAR-201805-1146",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "IVD",
"id": "e2f700a1-39ab-11e9-8a88-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-13785"
},
{
"db": "VULHUB",
"id": "VHN-137537"
}
],
"trust": 1.5434040525000001
},
"iot_taxonomy": {
"_id": null,
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "e2f700a1-39ab-11e9-8a88-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-13785"
}
]
},
"last_update_date": "2024-11-23T21:53:07.489000Z",
"patch": {
"_id": null,
"data": [
{
"title": "\u30c8\u30c3\u30d7\u30da\u30fc\u30b8",
"trust": 0.8,
"url": "http://www.advantech.co.jp/"
},
{
"title": "Advantech has issued an update to correct this vulnerability.",
"trust": 0.7,
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-135-01"
},
{
"title": "Patches for multiple Advantech product privilege escalation vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/135201"
},
{
"title": "Multiple Advantech Product Privilege License and Access Control Vulnerability Fixes",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=80053"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-470"
},
{
"db": "CNVD",
"id": "CNVD-2018-13785"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005075"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-443"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-434",
"trust": 1.9
},
{
"problemtype": "CWE-264",
"trust": 1.0
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-137537"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005075"
},
{
"db": "NVD",
"id": "CVE-2018-7505"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 4.1,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-18-135-01"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/104190"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-7505"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-7505"
},
{
"trust": 0.3,
"url": "http://webaccess.advantech.com"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-470"
},
{
"db": "CNVD",
"id": "CNVD-2018-13785"
},
{
"db": "VULHUB",
"id": "VHN-137537"
},
{
"db": "BID",
"id": "104190"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005075"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-443"
},
{
"db": "NVD",
"id": "CVE-2018-7505"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "IVD",
"id": "e2f700a1-39ab-11e9-8a88-000c29342cb1",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-18-470",
"ident": null
},
{
"db": "CNVD",
"id": "CNVD-2018-13785",
"ident": null
},
{
"db": "VULHUB",
"id": "VHN-137537",
"ident": null
},
{
"db": "BID",
"id": "104190",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005075",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-201805-443",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2018-7505",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2018-07-24T00:00:00",
"db": "IVD",
"id": "e2f700a1-39ab-11e9-8a88-000c29342cb1",
"ident": null
},
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-470",
"ident": null
},
{
"date": "2018-07-24T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-13785",
"ident": null
},
{
"date": "2018-05-15T00:00:00",
"db": "VULHUB",
"id": "VHN-137537",
"ident": null
},
{
"date": "2018-05-15T00:00:00",
"db": "BID",
"id": "104190",
"ident": null
},
{
"date": "2018-07-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-005075",
"ident": null
},
{
"date": "2018-05-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201805-443",
"ident": null
},
{
"date": "2018-05-15T22:29:00.643000",
"db": "NVD",
"id": "CVE-2018-7505",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-470",
"ident": null
},
{
"date": "2018-07-24T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-13785",
"ident": null
},
{
"date": "2019-10-09T00:00:00",
"db": "VULHUB",
"id": "VHN-137537",
"ident": null
},
{
"date": "2018-05-15T00:00:00",
"db": "BID",
"id": "104190",
"ident": null
},
{
"date": "2018-07-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-005075",
"ident": null
},
{
"date": "2019-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201805-443",
"ident": null
},
{
"date": "2024-11-21T04:12:15.683000",
"db": "NVD",
"id": "CVE-2018-7505",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201805-443"
}
],
"trust": 0.6
},
"title": {
"_id": null,
"data": "plural Advantech WebAccess Product unrestricted upload vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-005075"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "Code problem",
"sources": [
{
"db": "IVD",
"id": "e2f700a1-39ab-11e9-8a88-000c29342cb1"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-443"
}
],
"trust": 0.8
}
}
VAR-201805-1128
Vulnerability from variot - Updated: 2024-11-23 21:53In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and WebAccess/NMS 2.0.3 and prior, a heap-based buffer overflow vulnerability has been identified, which may allow an attacker to execute arbitrary code. plural Advantech WebAccess The product contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. This vulnerability allows remote attackers to execute arbitrary code on vulnerable instances of Advantech WebAccess. Authentication is not required to exploit this vulnerability.The specific flaw exists within the implementation of the 0x13C80 IOCTL in the BwOpcTool subsystem. When parsing the NamedObject structure, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length, heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of Administrator. Advantech WebAccess and others are products of Advantech. Advantech WebAccess is a browser-based HMI/SCADA software. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. WebAccess Dashboard is one of the dashboard components; WebAccess Scada Node is one of the monitoring node components. WebAccess/NMS is a suite of web browsers for the Network Management System (NMS). A heap buffer overflow vulnerability exists in several Advantech products. Advantech WebAccess is prone to the following security vulnerabilities: 1. Multiple SQL-injection vulnerabilities 2. An information-disclosure vulnerability 3. A file-upload vulnerability 4. Multiple directory-traversal vulnerabilities 5. Multiple stack-based buffer-overflow vulnerabilities 6. A heap-based buffer-overflow vulnerability 7. Multiple arbitrary code-execution vulnerabilities 8. A denial-of-service vulnerability 9. A security-bypass vulnerability 10. A privilege-escalation vulnerability An attacker can exploit these issues to execute arbitrary code in the context of the application, or modify data, or exploit latent vulnerabilities in the underlying database, delete arbitrary files, gain elevated privileges, perform certain unauthorized actions, upload arbitrary files to the affected application gain unauthorized access and obtain sensitive information. Failed attacks will cause denial of service conditions. Advantech WebAccess, etc. Advantech WebAccess is a set of HMI/SCADA software based on browser architecture. The following products and versions are affected: Advantech WebAccess 8.2_20170817 and earlier, 8.3.0 and earlier; WebAccess Dashboard 2.0.15 and earlier; WebAccess Scada Node 8.3.1 and earlier; WebAccess/NMS 2.0.3 and earlier
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "webaccess",
"scope": "lte",
"trust": 1.8,
"vendor": "advantech",
"version": "8.2_20170817"
},
{
"_id": null,
"model": "webaccess",
"scope": "lte",
"trust": 1.8,
"vendor": "advantech",
"version": "8.3.0"
},
{
"_id": null,
"model": "webaccess dashboard",
"scope": "lte",
"trust": 1.8,
"vendor": "advantech",
"version": "2.0.15"
},
{
"_id": null,
"model": "webaccess\\/nms",
"scope": "lte",
"trust": 1.0,
"vendor": "advantech",
"version": "2.0.3"
},
{
"_id": null,
"model": "webaccess scada",
"scope": "lt",
"trust": 1.0,
"vendor": "advantech",
"version": "8.3.1"
},
{
"_id": null,
"model": "webaccess dashboard",
"scope": "eq",
"trust": 0.9,
"vendor": "advantech",
"version": "2.0.15"
},
{
"_id": null,
"model": "webaccess scada node",
"scope": "lt",
"trust": 0.8,
"vendor": "advantech",
"version": "8.3.1"
},
{
"_id": null,
"model": "webaccess/nms",
"scope": "lte",
"trust": 0.8,
"vendor": "advantech",
"version": "2.0.3"
},
{
"_id": null,
"model": "webaccess",
"scope": null,
"trust": 0.7,
"vendor": "advantech",
"version": null
},
{
"_id": null,
"model": "webaccess \u003c=v8.2 20170817",
"scope": null,
"trust": 0.6,
"vendor": "advantech",
"version": null
},
{
"_id": null,
"model": "webaccess",
"scope": "lte",
"trust": 0.6,
"vendor": "advantech",
"version": "\u003c=8.3.0"
},
{
"_id": null,
"model": "webaccess dashboard",
"scope": "lte",
"trust": 0.6,
"vendor": "advantech",
"version": "\u003c=2.0.15"
},
{
"_id": null,
"model": "webaccess/nms",
"scope": "lte",
"trust": 0.6,
"vendor": "advantech",
"version": "\u003c=2.0.3"
},
{
"_id": null,
"model": "webaccess scada node",
"scope": "lte",
"trust": 0.6,
"vendor": "advantech",
"version": "\u003c=8.3.1"
},
{
"_id": null,
"model": "webaccess",
"scope": "eq",
"trust": 0.6,
"vendor": "advantech",
"version": "8.3.0"
},
{
"_id": null,
"model": "webaccess",
"scope": "eq",
"trust": 0.6,
"vendor": "advantech",
"version": "8.2_20170817"
},
{
"_id": null,
"model": "webaccess\\/nms",
"scope": "eq",
"trust": 0.6,
"vendor": "advantech",
"version": "2.0.3"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "webaccess",
"version": "*"
},
{
"_id": null,
"model": "webaccess/nms",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "2.0.3"
},
{
"_id": null,
"model": "webaccess/nms",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "2.0"
},
{
"_id": null,
"model": "webaccess scada node",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "8.3"
},
{
"_id": null,
"model": "webaccess dashboard",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "2.0"
},
{
"_id": null,
"model": "webaccess",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "8.3"
},
{
"_id": null,
"model": "webaccess 8.2 20170817",
"scope": null,
"trust": 0.3,
"vendor": "advantech",
"version": null
},
{
"_id": null,
"model": "webaccess 8.2 20170330",
"scope": null,
"trust": 0.3,
"vendor": "advantech",
"version": null
},
{
"_id": null,
"model": "webaccess",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "8.2"
},
{
"_id": null,
"model": "webaccess 8.1 20160519",
"scope": null,
"trust": 0.3,
"vendor": "advantech",
"version": null
},
{
"_id": null,
"model": "webaccess",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "8.1"
},
{
"_id": null,
"model": "webaccess 8.0 20150816",
"scope": null,
"trust": 0.3,
"vendor": "advantech",
"version": null
},
{
"_id": null,
"model": "webaccess",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "8"
},
{
"_id": null,
"model": "webaccess",
"scope": "ne",
"trust": 0.3,
"vendor": "advantech",
"version": "8.3.1"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "webaccess dashboard",
"version": "*"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "webaccess scada",
"version": "*"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "webaccess nms",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "e2f6d991-39ab-11e9-a20e-000c29342cb1"
},
{
"db": "ZDI",
"id": "ZDI-18-527"
},
{
"db": "CNVD",
"id": "CNVD-2018-13781"
},
{
"db": "BID",
"id": "104190"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005077"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-441"
},
{
"db": "NVD",
"id": "CVE-2018-8845"
}
]
},
"configurations": {
"_id": null,
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:advantech:webaccess",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:advantech:webaccess_dashboard",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:advantech:webaccess_scada",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:advantech:webaccess%2fnms",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-005077"
}
]
},
"credits": {
"_id": null,
"data": "Fritz Sands of the Zero Day Initiative",
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-527"
}
],
"trust": 0.7
},
"cve": "CVE-2018-8845",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2018-8845",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2018-8845",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "HIGH",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2018-13781",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "e2f6d991-39ab-11e9-a20e-000c29342cb1",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-138877",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2018-8845",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2018-8845",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-8845",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2018-8845",
"trust": 0.8,
"value": "Critical"
},
{
"author": "ZDI",
"id": "CVE-2018-8845",
"trust": 0.7,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2018-13781",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201805-441",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "IVD",
"id": "e2f6d991-39ab-11e9-a20e-000c29342cb1",
"trust": 0.2,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-138877",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "e2f6d991-39ab-11e9-a20e-000c29342cb1"
},
{
"db": "ZDI",
"id": "ZDI-18-527"
},
{
"db": "CNVD",
"id": "CNVD-2018-13781"
},
{
"db": "VULHUB",
"id": "VHN-138877"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005077"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-441"
},
{
"db": "NVD",
"id": "CVE-2018-8845"
}
]
},
"description": {
"_id": null,
"data": "In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and WebAccess/NMS 2.0.3 and prior, a heap-based buffer overflow vulnerability has been identified, which may allow an attacker to execute arbitrary code. plural Advantech WebAccess The product contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. This vulnerability allows remote attackers to execute arbitrary code on vulnerable instances of Advantech WebAccess. Authentication is not required to exploit this vulnerability.The specific flaw exists within the implementation of the 0x13C80 IOCTL in the BwOpcTool subsystem. When parsing the NamedObject structure, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length, heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of Administrator. Advantech WebAccess and others are products of Advantech. Advantech WebAccess is a browser-based HMI/SCADA software. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. WebAccess Dashboard is one of the dashboard components; WebAccess Scada Node is one of the monitoring node components. WebAccess/NMS is a suite of web browsers for the Network Management System (NMS). A heap buffer overflow vulnerability exists in several Advantech products. Advantech WebAccess is prone to the following security vulnerabilities:\n1. Multiple SQL-injection vulnerabilities\n2. An information-disclosure vulnerability\n3. A file-upload vulnerability\n4. Multiple directory-traversal vulnerabilities\n5. Multiple stack-based buffer-overflow vulnerabilities\n6. A heap-based buffer-overflow vulnerability\n7. Multiple arbitrary code-execution vulnerabilities\n8. A denial-of-service vulnerability\n9. A security-bypass vulnerability\n10. A privilege-escalation vulnerability\nAn attacker can exploit these issues to execute arbitrary code in the context of the application, or modify data, or exploit latent vulnerabilities in the underlying database, delete arbitrary files, gain elevated privileges, perform certain unauthorized actions, upload arbitrary files to the affected application gain unauthorized access and obtain sensitive information. Failed attacks will cause denial of service conditions. Advantech WebAccess, etc. Advantech WebAccess is a set of HMI/SCADA software based on browser architecture. The following products and versions are affected: Advantech WebAccess 8.2_20170817 and earlier, 8.3.0 and earlier; WebAccess Dashboard 2.0.15 and earlier; WebAccess Scada Node 8.3.1 and earlier; WebAccess/NMS 2.0.3 and earlier",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-8845"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005077"
},
{
"db": "ZDI",
"id": "ZDI-18-527"
},
{
"db": "CNVD",
"id": "CNVD-2018-13781"
},
{
"db": "BID",
"id": "104190"
},
{
"db": "IVD",
"id": "e2f6d991-39ab-11e9-a20e-000c29342cb1"
},
{
"db": "VULHUB",
"id": "VHN-138877"
}
],
"trust": 3.33
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2018-8845",
"trust": 4.3
},
{
"db": "ICS CERT",
"id": "ICSA-18-135-01",
"trust": 3.4
},
{
"db": "BID",
"id": "104190",
"trust": 2.6
},
{
"db": "CNVD",
"id": "CNVD-2018-13781",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201805-441",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005077",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-5897",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-527",
"trust": 0.7
},
{
"db": "IVD",
"id": "E2F6D991-39AB-11E9-A20E-000C29342CB1",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-138877",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "e2f6d991-39ab-11e9-a20e-000c29342cb1"
},
{
"db": "ZDI",
"id": "ZDI-18-527"
},
{
"db": "CNVD",
"id": "CNVD-2018-13781"
},
{
"db": "VULHUB",
"id": "VHN-138877"
},
{
"db": "BID",
"id": "104190"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005077"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-441"
},
{
"db": "NVD",
"id": "CVE-2018-8845"
}
]
},
"id": "VAR-201805-1128",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "IVD",
"id": "e2f6d991-39ab-11e9-a20e-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-13781"
},
{
"db": "VULHUB",
"id": "VHN-138877"
}
],
"trust": 1.5434040525000001
},
"iot_taxonomy": {
"_id": null,
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "e2f6d991-39ab-11e9-a20e-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-13781"
}
]
},
"last_update_date": "2024-11-23T21:53:07.443000Z",
"patch": {
"_id": null,
"data": [
{
"title": "\u30c8\u30c3\u30d7\u30da\u30fc\u30b8",
"trust": 0.8,
"url": "http://www.advantech.co.jp/"
},
{
"title": "Advantech has issued an update to correct this vulnerability.",
"trust": 0.7,
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-135-01"
},
{
"title": "Patches for multiple Advantech product heap buffer overflow vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/135205"
},
{
"title": "Multiple Advantech Product Buffer Error Vulnerability Fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=80051"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-527"
},
{
"db": "CNVD",
"id": "CNVD-2018-13781"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005077"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-441"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-787",
"trust": 1.1
},
{
"problemtype": "CWE-122",
"trust": 1.0
},
{
"problemtype": "CWE-119",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-138877"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005077"
},
{
"db": "NVD",
"id": "CVE-2018-8845"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 4.1,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-18-135-01"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/104190"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-8845"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-8845"
},
{
"trust": 0.3,
"url": "http://webaccess.advantech.com"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-527"
},
{
"db": "CNVD",
"id": "CNVD-2018-13781"
},
{
"db": "VULHUB",
"id": "VHN-138877"
},
{
"db": "BID",
"id": "104190"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005077"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-441"
},
{
"db": "NVD",
"id": "CVE-2018-8845"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "IVD",
"id": "e2f6d991-39ab-11e9-a20e-000c29342cb1",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-18-527",
"ident": null
},
{
"db": "CNVD",
"id": "CNVD-2018-13781",
"ident": null
},
{
"db": "VULHUB",
"id": "VHN-138877",
"ident": null
},
{
"db": "BID",
"id": "104190",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005077",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-201805-441",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2018-8845",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2018-07-24T00:00:00",
"db": "IVD",
"id": "e2f6d991-39ab-11e9-a20e-000c29342cb1",
"ident": null
},
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-527",
"ident": null
},
{
"date": "2018-07-24T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-13781",
"ident": null
},
{
"date": "2018-05-15T00:00:00",
"db": "VULHUB",
"id": "VHN-138877",
"ident": null
},
{
"date": "2018-05-15T00:00:00",
"db": "BID",
"id": "104190",
"ident": null
},
{
"date": "2018-07-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-005077",
"ident": null
},
{
"date": "2018-05-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201805-441",
"ident": null
},
{
"date": "2018-05-15T22:29:00.723000",
"db": "NVD",
"id": "CVE-2018-8845",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-527",
"ident": null
},
{
"date": "2018-07-24T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-13781",
"ident": null
},
{
"date": "2020-09-29T00:00:00",
"db": "VULHUB",
"id": "VHN-138877",
"ident": null
},
{
"date": "2018-05-15T00:00:00",
"db": "BID",
"id": "104190",
"ident": null
},
{
"date": "2018-07-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-005077",
"ident": null
},
{
"date": "2020-09-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201805-441",
"ident": null
},
{
"date": "2024-11-21T04:14:26.320000",
"db": "NVD",
"id": "CVE-2018-8845",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201805-441"
}
],
"trust": 0.6
},
"title": {
"_id": null,
"data": "plural Advantech WebAccess Product buffer error vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-005077"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "Buffer error",
"sources": [
{
"db": "IVD",
"id": "e2f6d991-39ab-11e9-a20e-000c29342cb1"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-441"
}
],
"trust": 0.8
}
}
VAR-201805-1142
Vulnerability from variot - Updated: 2024-11-23 21:53In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and WebAccess/NMS 2.0.3 and prior, several untrusted pointer dereference vulnerabilities have been identified, which may allow an attacker to execute arbitrary code. plural Advantech WebAccess The product includes NULL A vulnerability related to pointer dereference exists.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess Node. Authentication is not required to exploit this vulnerability.The specific flaw exists within the implementation of the 0x277e IOCTL in the webvrpcs process. The issue results from the lack of proper validation of a user-supplied value prior to dereferencing it as a pointer. An attacker can leverage this functionality to execute code under the context of Administrator. Advantech WebAccess and others are products of Advantech. Advantech WebAccess is a browser-based HMI/SCADA software. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. WebAccess Dashboard is one of the dashboard components; WebAccess Scada Node is one of the monitoring node components. WebAccess/NMS is a suite of web browsers for the Network Management System (NMS). Security vulnerabilities exist in several Advantech products. Multiple SQL-injection vulnerabilities 2. An information-disclosure vulnerability 3. A file-upload vulnerability 4. Multiple directory-traversal vulnerabilities 5. Multiple stack-based buffer-overflow vulnerabilities 6. A heap-based buffer-overflow vulnerability 7. Multiple arbitrary code-execution vulnerabilities 8. A denial-of-service vulnerability 9. A security-bypass vulnerability 10. A privilege-escalation vulnerability An attacker can exploit these issues to execute arbitrary code in the context of the application, or modify data, or exploit latent vulnerabilities in the underlying database, delete arbitrary files, gain elevated privileges, perform certain unauthorized actions, upload arbitrary files to the affected application gain unauthorized access and obtain sensitive information. Failed attacks will cause denial of service conditions. Advantech WebAccess, etc. Advantech WebAccess is a set of HMI/SCADA software based on browser architecture. The following versions are affected: Advantech WebAccess 8.2_20170817 and earlier, 8.3.0 and earlier; WebAccess Dashboard 2.0.15 and earlier; WebAccess Scada Node 8.3.1 and earlier; WebAccess/NMS 2.0.3 and earlier
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "webaccess node",
"scope": null,
"trust": 5.6,
"vendor": "advantech",
"version": null
},
{
"_id": null,
"model": "webaccess",
"scope": "lte",
"trust": 1.8,
"vendor": "advantech",
"version": "8.2_20170817"
},
{
"_id": null,
"model": "webaccess",
"scope": "lte",
"trust": 1.8,
"vendor": "advantech",
"version": "8.3.0"
},
{
"_id": null,
"model": "webaccess dashboard",
"scope": "lte",
"trust": 1.8,
"vendor": "advantech",
"version": "2.0.15"
},
{
"_id": null,
"model": "webaccess scada node",
"scope": "lt",
"trust": 1.6,
"vendor": "advantech",
"version": "8.3.1"
},
{
"_id": null,
"model": "webaccess\\/nms",
"scope": "lte",
"trust": 1.0,
"vendor": "advantech",
"version": "2.0.3"
},
{
"_id": null,
"model": "webaccess scada",
"scope": "lt",
"trust": 1.0,
"vendor": "advantech",
"version": "8.3.1"
},
{
"_id": null,
"model": "webaccess dashboard",
"scope": "eq",
"trust": 0.9,
"vendor": "advantech",
"version": "2.0.15"
},
{
"_id": null,
"model": "webaccess \u003c=8.2 20170817",
"scope": null,
"trust": 0.8,
"vendor": "advantech",
"version": null
},
{
"_id": null,
"model": "webaccess",
"scope": "lte",
"trust": 0.8,
"vendor": "advantech",
"version": "\u003c=8.3.0"
},
{
"_id": null,
"model": "webaccess dashboard",
"scope": "lte",
"trust": 0.8,
"vendor": "advantech",
"version": "\u003c=2.0.15"
},
{
"_id": null,
"model": "webaccess/nms",
"scope": "lte",
"trust": 0.8,
"vendor": "advantech",
"version": "\u003c=2.0.3"
},
{
"_id": null,
"model": "webaccess/nms",
"scope": "lte",
"trust": 0.8,
"vendor": "advantech",
"version": "2.0.3"
},
{
"_id": null,
"model": "webaccess",
"scope": "eq",
"trust": 0.6,
"vendor": "advantech",
"version": "8.3.0"
},
{
"_id": null,
"model": "webaccess",
"scope": "eq",
"trust": 0.6,
"vendor": "advantech",
"version": "8.2_20170817"
},
{
"_id": null,
"model": "webaccess\\/nms",
"scope": "eq",
"trust": 0.6,
"vendor": "advantech",
"version": "2.0.3"
},
{
"_id": null,
"model": "webaccess/nms",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "2.0.3"
},
{
"_id": null,
"model": "webaccess/nms",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "2.0"
},
{
"_id": null,
"model": "webaccess scada node",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "8.3"
},
{
"_id": null,
"model": "webaccess dashboard",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "2.0"
},
{
"_id": null,
"model": "webaccess",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "8.3"
},
{
"_id": null,
"model": "webaccess 8.2 20170817",
"scope": null,
"trust": 0.3,
"vendor": "advantech",
"version": null
},
{
"_id": null,
"model": "webaccess 8.2 20170330",
"scope": null,
"trust": 0.3,
"vendor": "advantech",
"version": null
},
{
"_id": null,
"model": "webaccess",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "8.2"
},
{
"_id": null,
"model": "webaccess 8.1 20160519",
"scope": null,
"trust": 0.3,
"vendor": "advantech",
"version": null
},
{
"_id": null,
"model": "webaccess",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "8.1"
},
{
"_id": null,
"model": "webaccess 8.0 20150816",
"scope": null,
"trust": 0.3,
"vendor": "advantech",
"version": null
},
{
"_id": null,
"model": "webaccess",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "8"
},
{
"_id": null,
"model": "webaccess",
"scope": "ne",
"trust": 0.3,
"vendor": "advantech",
"version": "8.3.1"
}
],
"sources": [
{
"db": "IVD",
"id": "e2f1a971-39ab-11e9-8038-000c29342cb1"
},
{
"db": "ZDI",
"id": "ZDI-18-526"
},
{
"db": "ZDI",
"id": "ZDI-18-484"
},
{
"db": "ZDI",
"id": "ZDI-18-491"
},
{
"db": "ZDI",
"id": "ZDI-18-492"
},
{
"db": "ZDI",
"id": "ZDI-18-494"
},
{
"db": "ZDI",
"id": "ZDI-18-496"
},
{
"db": "ZDI",
"id": "ZDI-18-493"
},
{
"db": "ZDI",
"id": "ZDI-18-495"
},
{
"db": "CNVD",
"id": "CNVD-2018-10813"
},
{
"db": "BID",
"id": "104190"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005071"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-447"
},
{
"db": "NVD",
"id": "CVE-2018-7497"
}
]
},
"configurations": {
"_id": null,
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:advantech:webaccess",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:advantech:webaccess_dashboard",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:advantech:webaccess_scada",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:advantech:webaccess%2fnms",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-005071"
}
]
},
"credits": {
"_id": null,
"data": "Steven Seeley (mr_me) of Offensive Security",
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-526"
},
{
"db": "ZDI",
"id": "ZDI-18-491"
},
{
"db": "ZDI",
"id": "ZDI-18-492"
},
{
"db": "ZDI",
"id": "ZDI-18-494"
},
{
"db": "ZDI",
"id": "ZDI-18-496"
},
{
"db": "ZDI",
"id": "ZDI-18-493"
},
{
"db": "ZDI",
"id": "ZDI-18-495"
}
],
"trust": 4.9
},
"cve": "CVE-2018-7497",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2018-7497",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "HIGH",
"trust": 5.6,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2018-7497",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.5,
"id": "CNVD-2018-10813",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.5,
"id": "e2f1a971-39ab-11e9-8038-000c29342cb1",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-137529",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2018-7497",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "ZDI",
"id": "CVE-2018-7497",
"trust": 5.6,
"value": "HIGH"
},
{
"author": "nvd@nist.gov",
"id": "CVE-2018-7497",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2018-7497",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNVD",
"id": "CNVD-2018-10813",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201805-447",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "IVD",
"id": "e2f1a971-39ab-11e9-8038-000c29342cb1",
"trust": 0.2,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-137529",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "e2f1a971-39ab-11e9-8038-000c29342cb1"
},
{
"db": "ZDI",
"id": "ZDI-18-526"
},
{
"db": "ZDI",
"id": "ZDI-18-484"
},
{
"db": "ZDI",
"id": "ZDI-18-491"
},
{
"db": "ZDI",
"id": "ZDI-18-492"
},
{
"db": "ZDI",
"id": "ZDI-18-494"
},
{
"db": "ZDI",
"id": "ZDI-18-496"
},
{
"db": "ZDI",
"id": "ZDI-18-493"
},
{
"db": "ZDI",
"id": "ZDI-18-495"
},
{
"db": "CNVD",
"id": "CNVD-2018-10813"
},
{
"db": "VULHUB",
"id": "VHN-137529"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005071"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-447"
},
{
"db": "NVD",
"id": "CVE-2018-7497"
}
]
},
"description": {
"_id": null,
"data": "In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and WebAccess/NMS 2.0.3 and prior, several untrusted pointer dereference vulnerabilities have been identified, which may allow an attacker to execute arbitrary code. plural Advantech WebAccess The product includes NULL A vulnerability related to pointer dereference exists.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess Node. Authentication is not required to exploit this vulnerability.The specific flaw exists within the implementation of the 0x277e IOCTL in the webvrpcs process. The issue results from the lack of proper validation of a user-supplied value prior to dereferencing it as a pointer. An attacker can leverage this functionality to execute code under the context of Administrator. Advantech WebAccess and others are products of Advantech. Advantech WebAccess is a browser-based HMI/SCADA software. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. WebAccess Dashboard is one of the dashboard components; WebAccess Scada Node is one of the monitoring node components. WebAccess/NMS is a suite of web browsers for the Network Management System (NMS). Security vulnerabilities exist in several Advantech products. Multiple SQL-injection vulnerabilities\n2. An information-disclosure vulnerability\n3. A file-upload vulnerability\n4. Multiple directory-traversal vulnerabilities\n5. Multiple stack-based buffer-overflow vulnerabilities\n6. A heap-based buffer-overflow vulnerability\n7. Multiple arbitrary code-execution vulnerabilities\n8. A denial-of-service vulnerability\n9. A security-bypass vulnerability\n10. A privilege-escalation vulnerability\nAn attacker can exploit these issues to execute arbitrary code in the context of the application, or modify data, or exploit latent vulnerabilities in the underlying database, delete arbitrary files, gain elevated privileges, perform certain unauthorized actions, upload arbitrary files to the affected application gain unauthorized access and obtain sensitive information. Failed attacks will cause denial of service conditions. Advantech WebAccess, etc. Advantech WebAccess is a set of HMI/SCADA software based on browser architecture. The following versions are affected: Advantech WebAccess 8.2_20170817 and earlier, 8.3.0 and earlier; WebAccess Dashboard 2.0.15 and earlier; WebAccess Scada Node 8.3.1 and earlier; WebAccess/NMS 2.0.3 and earlier",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-7497"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005071"
},
{
"db": "ZDI",
"id": "ZDI-18-526"
},
{
"db": "ZDI",
"id": "ZDI-18-484"
},
{
"db": "ZDI",
"id": "ZDI-18-491"
},
{
"db": "ZDI",
"id": "ZDI-18-492"
},
{
"db": "ZDI",
"id": "ZDI-18-494"
},
{
"db": "ZDI",
"id": "ZDI-18-496"
},
{
"db": "ZDI",
"id": "ZDI-18-493"
},
{
"db": "ZDI",
"id": "ZDI-18-495"
},
{
"db": "CNVD",
"id": "CNVD-2018-10813"
},
{
"db": "BID",
"id": "104190"
},
{
"db": "IVD",
"id": "e2f1a971-39ab-11e9-8038-000c29342cb1"
},
{
"db": "VULHUB",
"id": "VHN-137529"
}
],
"trust": 7.74
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2018-7497",
"trust": 9.2
},
{
"db": "ICS CERT",
"id": "ICSA-18-135-01",
"trust": 3.4
},
{
"db": "BID",
"id": "104190",
"trust": 2.6
},
{
"db": "CNVD",
"id": "CNVD-2018-10813",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201805-447",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005071",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-5711",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-526",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-5648",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-484",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-5655",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-491",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-5656",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-492",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-5659",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-494",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-5661",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-496",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-5658",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-493",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-5660",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-495",
"trust": 0.7
},
{
"db": "IVD",
"id": "E2F1A971-39AB-11E9-8038-000C29342CB1",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-137529",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "e2f1a971-39ab-11e9-8038-000c29342cb1"
},
{
"db": "ZDI",
"id": "ZDI-18-526"
},
{
"db": "ZDI",
"id": "ZDI-18-484"
},
{
"db": "ZDI",
"id": "ZDI-18-491"
},
{
"db": "ZDI",
"id": "ZDI-18-492"
},
{
"db": "ZDI",
"id": "ZDI-18-494"
},
{
"db": "ZDI",
"id": "ZDI-18-496"
},
{
"db": "ZDI",
"id": "ZDI-18-493"
},
{
"db": "ZDI",
"id": "ZDI-18-495"
},
{
"db": "CNVD",
"id": "CNVD-2018-10813"
},
{
"db": "VULHUB",
"id": "VHN-137529"
},
{
"db": "BID",
"id": "104190"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005071"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-447"
},
{
"db": "NVD",
"id": "CVE-2018-7497"
}
]
},
"id": "VAR-201805-1142",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "IVD",
"id": "e2f1a971-39ab-11e9-8038-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-10813"
},
{
"db": "VULHUB",
"id": "VHN-137529"
}
],
"trust": 1.5434040525000001
},
"iot_taxonomy": {
"_id": null,
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "e2f1a971-39ab-11e9-8038-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-10813"
}
]
},
"last_update_date": "2024-11-23T21:53:07.367000Z",
"patch": {
"_id": null,
"data": [
{
"title": "Advantech has issued an update to correct this vulnerability.",
"trust": 5.6,
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-135-01"
},
{
"title": "\u30c8\u30c3\u30d7\u30da\u30fc\u30b8",
"trust": 0.8,
"url": "http://www.advantech.co.jp/"
},
{
"title": "Advantech WebAccess Untrusted Pointer Dereference Vulnerability Patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/130861"
},
{
"title": "Multiple Advantech Product security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=80057"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-526"
},
{
"db": "ZDI",
"id": "ZDI-18-484"
},
{
"db": "ZDI",
"id": "ZDI-18-491"
},
{
"db": "ZDI",
"id": "ZDI-18-492"
},
{
"db": "ZDI",
"id": "ZDI-18-494"
},
{
"db": "ZDI",
"id": "ZDI-18-496"
},
{
"db": "ZDI",
"id": "ZDI-18-493"
},
{
"db": "ZDI",
"id": "ZDI-18-495"
},
{
"db": "CNVD",
"id": "CNVD-2018-10813"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005071"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-447"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-476",
"trust": 1.9
},
{
"problemtype": "CWE-822",
"trust": 1.0
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-137529"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005071"
},
{
"db": "NVD",
"id": "CVE-2018-7497"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 9.0,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-18-135-01"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/104190"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-7497"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-7497"
},
{
"trust": 0.3,
"url": "http://webaccess.advantech.com"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-526"
},
{
"db": "ZDI",
"id": "ZDI-18-484"
},
{
"db": "ZDI",
"id": "ZDI-18-491"
},
{
"db": "ZDI",
"id": "ZDI-18-492"
},
{
"db": "ZDI",
"id": "ZDI-18-494"
},
{
"db": "ZDI",
"id": "ZDI-18-496"
},
{
"db": "ZDI",
"id": "ZDI-18-493"
},
{
"db": "ZDI",
"id": "ZDI-18-495"
},
{
"db": "CNVD",
"id": "CNVD-2018-10813"
},
{
"db": "VULHUB",
"id": "VHN-137529"
},
{
"db": "BID",
"id": "104190"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005071"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-447"
},
{
"db": "NVD",
"id": "CVE-2018-7497"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "IVD",
"id": "e2f1a971-39ab-11e9-8038-000c29342cb1",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-18-526",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-18-484",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-18-491",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-18-492",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-18-494",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-18-496",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-18-493",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-18-495",
"ident": null
},
{
"db": "CNVD",
"id": "CNVD-2018-10813",
"ident": null
},
{
"db": "VULHUB",
"id": "VHN-137529",
"ident": null
},
{
"db": "BID",
"id": "104190",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005071",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-201805-447",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2018-7497",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2018-06-01T00:00:00",
"db": "IVD",
"id": "e2f1a971-39ab-11e9-8038-000c29342cb1",
"ident": null
},
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-526",
"ident": null
},
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-484",
"ident": null
},
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-491",
"ident": null
},
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-492",
"ident": null
},
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-494",
"ident": null
},
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-496",
"ident": null
},
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-493",
"ident": null
},
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-495",
"ident": null
},
{
"date": "2018-06-01T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-10813",
"ident": null
},
{
"date": "2018-05-15T00:00:00",
"db": "VULHUB",
"id": "VHN-137529",
"ident": null
},
{
"date": "2018-05-15T00:00:00",
"db": "BID",
"id": "104190",
"ident": null
},
{
"date": "2018-07-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-005071",
"ident": null
},
{
"date": "2018-05-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201805-447",
"ident": null
},
{
"date": "2018-05-15T22:29:00.457000",
"db": "NVD",
"id": "CVE-2018-7497",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-526",
"ident": null
},
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-484",
"ident": null
},
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-491",
"ident": null
},
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-492",
"ident": null
},
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-494",
"ident": null
},
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-496",
"ident": null
},
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-493",
"ident": null
},
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-495",
"ident": null
},
{
"date": "2018-06-01T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-10813",
"ident": null
},
{
"date": "2019-10-09T00:00:00",
"db": "VULHUB",
"id": "VHN-137529",
"ident": null
},
{
"date": "2018-05-15T00:00:00",
"db": "BID",
"id": "104190",
"ident": null
},
{
"date": "2018-07-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-005071",
"ident": null
},
{
"date": "2019-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201805-447",
"ident": null
},
{
"date": "2024-11-21T04:12:14.833000",
"db": "NVD",
"id": "CVE-2018-7497",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201805-447"
}
],
"trust": 0.6
},
"title": {
"_id": null,
"data": "Advantech WebAccess Node webvrpcs drawsrv Untrusted Pointer Dereference Remote Code Execution Vulnerability",
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-526"
},
{
"db": "ZDI",
"id": "ZDI-18-491"
},
{
"db": "ZDI",
"id": "ZDI-18-492"
},
{
"db": "ZDI",
"id": "ZDI-18-494"
},
{
"db": "ZDI",
"id": "ZDI-18-496"
},
{
"db": "ZDI",
"id": "ZDI-18-493"
},
{
"db": "ZDI",
"id": "ZDI-18-495"
}
],
"trust": 4.9
},
"type": {
"_id": null,
"data": "Code problem",
"sources": [
{
"db": "IVD",
"id": "e2f1a971-39ab-11e9-8038-000c29342cb1"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-447"
}
],
"trust": 0.8
}
}
VAR-202110-1356
Vulnerability from variot - Updated: 2024-08-14 14:03WebAccess/NMS (Versions prior to v3.0.3_Build6299) has an improper authentication vulnerability, which may allow unauthorized users to view resources monitored and controlled by the WebAccess/NMS, as well as IP addresses and names of all the devices managed via WebAccess/NMS. WebAccess/NMS Is Advantech Network management software provided by the company. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Advantech WebAccess/NMS. Authentication is not required to exploit this vulnerability.The specific flaw exists within the processing of the DashBoardAction endpoint of the web server. The issue results from the lack of authentication prior to allowing access to functionality. An attacker can leverage this vulnerability to disclose information from the application
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "webaccess\\/nms",
"scope": "lte",
"trust": 1.0,
"vendor": "advantech",
"version": "3.0.3"
},
{
"_id": null,
"model": "webaccess/nms",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30a2\u30c9\u30d0\u30f3\u30c6\u30c3\u30af\u682a\u5f0f\u4f1a\u793e",
"version": null
},
{
"_id": null,
"model": "webaccess/nms",
"scope": "lt",
"trust": 0.8,
"vendor": "\u30a2\u30c9\u30d0\u30f3\u30c6\u30c3\u30af\u682a\u5f0f\u4f1a\u793e",
"version": "v3.0.3_build6299 earlier s"
},
{
"_id": null,
"model": "webaccess/nms",
"scope": null,
"trust": 0.7,
"vendor": "advantech",
"version": null
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-21-876"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-002280"
},
{
"db": "NVD",
"id": "CVE-2021-32951"
}
]
},
"credits": {
"_id": null,
"data": "Selim Enes Karaduman (@Enesdex)",
"sources": [
{
"db": "ZDI",
"id": "ZDI-21-876"
}
],
"trust": 0.7
},
"cve": "CVE-2021-32951",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2021-32951",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-392937",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 3.9,
"id": "CVE-2021-32951",
"impactScore": 1.4,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 2.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "OTHER",
"availabilityImpact": "None",
"baseScore": 5.3,
"baseSeverity": "Medium",
"confidentialityImpact": "Low",
"exploitabilityScore": null,
"id": "JVNDB-2021-002280",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "ZDI",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 3.9,
"id": "CVE-2021-32951",
"impactScore": 1.4,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 0.7,
"userInteraction": "NONE",
"vectorString": "AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2021-32951",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "ics-cert@hq.dhs.gov",
"id": "CVE-2021-32951",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "OTHER",
"id": "JVNDB-2021-002280",
"trust": 0.8,
"value": "Medium"
},
{
"author": "ZDI",
"id": "CVE-2021-32951",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202108-1568",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-392937",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-21-876"
},
{
"db": "VULHUB",
"id": "VHN-392937"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-002280"
},
{
"db": "CNNVD",
"id": "CNNVD-202108-1568"
},
{
"db": "NVD",
"id": "CVE-2021-32951"
},
{
"db": "NVD",
"id": "CVE-2021-32951"
}
]
},
"description": {
"_id": null,
"data": "WebAccess/NMS (Versions prior to v3.0.3_Build6299) has an improper authentication vulnerability, which may allow unauthorized users to view resources monitored and controlled by the WebAccess/NMS, as well as IP addresses and names of all the devices managed via WebAccess/NMS. WebAccess/NMS Is Advantech Network management software provided by the company. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Advantech WebAccess/NMS. Authentication is not required to exploit this vulnerability.The specific flaw exists within the processing of the DashBoardAction endpoint of the web server. The issue results from the lack of authentication prior to allowing access to functionality. An attacker can leverage this vulnerability to disclose information from the application",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-32951"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-002280"
},
{
"db": "ZDI",
"id": "ZDI-21-876"
},
{
"db": "VULHUB",
"id": "VHN-392937"
}
],
"trust": 2.34
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2021-32951",
"trust": 3.2
},
{
"db": "ICS CERT",
"id": "ICSA-21-229-02",
"trust": 2.5
},
{
"db": "ZDI",
"id": "ZDI-21-876",
"trust": 1.5
},
{
"db": "JVN",
"id": "JVNVU97362937",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2021-002280",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-11883",
"trust": 0.7
},
{
"db": "AUSCERT",
"id": "ESB-2021.2801",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202108-1568",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-392937",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-21-876"
},
{
"db": "VULHUB",
"id": "VHN-392937"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-002280"
},
{
"db": "CNNVD",
"id": "CNNVD-202108-1568"
},
{
"db": "NVD",
"id": "CVE-2021-32951"
}
]
},
"id": "VAR-202110-1356",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-392937"
}
],
"trust": 0.636888
},
"last_update_date": "2024-08-14T14:03:01.876000Z",
"patch": {
"_id": null,
"data": [
{
"title": "WebAccess/NMS\u00a0installation\u00a0file",
"trust": 0.8,
"url": "https://www.advantech.com/support/details/software-utility?id=1-12F529H"
},
{
"title": "This vulnerability is being disclosed publicly without a patch in accordance with the ZDI 120 day deadline.03/03/21 \u2013 ZDI reported the vulnerability to ICS-CERT03/03/21 \u2013 ICS-CERT acknowledged the report07/05/21 \u2013 ZDI requested an update 07/08/21 \u2013 ZDI requested an update07/09/21 \u2013 ZDI notified ICS-CERT of the intention to publish the case as a 0-day advisory on 07/19/2108/17/21 - ICS-CERT published an advisory Mitigation:Given the nature of the vulnerability the only salient mitigation strategy is to restrict interaction with the application.",
"trust": 0.7,
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-229-02--"
},
{
"title": "Advantech WebAccess/NMS Remediation measures for authorization problem vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=167573"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-21-876"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-002280"
},
{
"db": "CNNVD",
"id": "CNNVD-202108-1568"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-287",
"trust": 1.1
},
{
"problemtype": "Improper authentication (CWE-287) [ Other ]",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-392937"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-002280"
},
{
"db": "NVD",
"id": "CVE-2021-32951"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 3.1,
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-229-02"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu97362937/"
},
{
"trust": 0.8,
"url": "https://www.zerodayinitiative.com/advisories/zdi-21-876/"
},
{
"trust": 0.7,
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-229-02--"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-32951"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.2801"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-21-876"
},
{
"db": "VULHUB",
"id": "VHN-392937"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-002280"
},
{
"db": "CNNVD",
"id": "CNNVD-202108-1568"
},
{
"db": "NVD",
"id": "CVE-2021-32951"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "ZDI",
"id": "ZDI-21-876",
"ident": null
},
{
"db": "VULHUB",
"id": "VHN-392937",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2021-002280",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-202108-1568",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2021-32951",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2021-07-19T00:00:00",
"db": "ZDI",
"id": "ZDI-21-876",
"ident": null
},
{
"date": "2021-10-27T00:00:00",
"db": "VULHUB",
"id": "VHN-392937",
"ident": null
},
{
"date": "2021-08-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2021-002280",
"ident": null
},
{
"date": "2021-08-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202108-1568",
"ident": null
},
{
"date": "2021-10-27T01:15:07.333000",
"db": "NVD",
"id": "CVE-2021-32951",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2021-08-25T00:00:00",
"db": "ZDI",
"id": "ZDI-21-876",
"ident": null
},
{
"date": "2021-10-29T00:00:00",
"db": "VULHUB",
"id": "VHN-392937",
"ident": null
},
{
"date": "2021-08-19T04:50:00",
"db": "JVNDB",
"id": "JVNDB-2021-002280",
"ident": null
},
{
"date": "2021-11-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202108-1568",
"ident": null
},
{
"date": "2021-10-29T01:16:40.303000",
"db": "NVD",
"id": "CVE-2021-32951",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202108-1568"
}
],
"trust": 0.6
},
"title": {
"_id": null,
"data": "Advantech\u00a0 Made \u00a0WebAccess/NMS\u00a0 Authentication deficiency vulnerability in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-002280"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "authorization issue",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202108-1568"
}
],
"trust": 0.6
}
}
CVE-2021-32951 (GCVE-0-2021-32951)
Vulnerability from nvd – Published: 2021-10-27 00:54 – Updated: 2024-09-16 20:48
VLAI?
Title
Advantech WebAccess/NMS Improper Authentication
Summary
WebAccess/NMS (Versions prior to v3.0.3_Build6299) has an improper authentication vulnerability, which may allow unauthorized users to view resources monitored and controlled by the WebAccess/NMS, as well as IP addresses and names of all the devices managed via WebAccess/NMS.
Severity ?
5.3 (Medium)
CWE
- CWE-287 - Improper Authentication
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Advantech | WebAccess/NMS |
Affected:
Versions , < v3.0.3_Build6299
(custom)
|
Credits
Selim Enes Karaduman (@Enesdex), working with Trend Micro’s Zero Day Initiative, reported this vulnerability to CISA.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T23:33:56.113Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-229-02"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "WebAccess/NMS",
"vendor": "Advantech",
"versions": [
{
"lessThan": "v3.0.3_Build6299",
"status": "affected",
"version": "Versions",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Selim Enes Karaduman (@Enesdex), working with Trend Micro\u2019s Zero Day Initiative, reported this vulnerability to CISA."
}
],
"datePublic": "2021-08-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "WebAccess/NMS (Versions prior to v3.0.3_Build6299) has an improper authentication vulnerability, which may allow unauthorized users to view resources monitored and controlled by the WebAccess/NMS, as well as IP addresses and names of all the devices managed via WebAccess/NMS."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287 Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-27T00:54:22",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-229-02"
}
],
"solutions": [
{
"lang": "en",
"value": "Advantech recommends updating to Version 3.0.3"
}
],
"source": {
"advisory": "ICSA-21-229-02",
"discovery": "UNKNOWN"
},
"title": "Advantech WebAccess/NMS Improper Authentication",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"DATE_PUBLIC": "2021-08-11T16:50:00.000Z",
"ID": "CVE-2021-32951",
"STATE": "PUBLIC",
"TITLE": "Advantech WebAccess/NMS Improper Authentication"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "WebAccess/NMS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "Versions",
"version_value": "v3.0.3_Build6299"
}
]
}
}
]
},
"vendor_name": "Advantech"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Selim Enes Karaduman (@Enesdex), working with Trend Micro\u2019s Zero Day Initiative, reported this vulnerability to CISA."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "WebAccess/NMS (Versions prior to v3.0.3_Build6299) has an improper authentication vulnerability, which may allow unauthorized users to view resources monitored and controlled by the WebAccess/NMS, as well as IP addresses and names of all the devices managed via WebAccess/NMS."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-287 Improper Authentication"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-229-02",
"refsource": "MISC",
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-229-02"
}
]
},
"solution": [
{
"lang": "en",
"value": "Advantech recommends updating to Version 3.0.3"
}
],
"source": {
"advisory": "ICSA-21-229-02",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2021-32951",
"datePublished": "2021-10-27T00:54:22.837305Z",
"dateReserved": "2021-05-13T00:00:00",
"dateUpdated": "2024-09-16T20:48:04.366Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-10631 (GCVE-0-2020-10631)
Vulnerability from nvd – Published: 2020-04-09 13:08 – Updated: 2024-08-04 11:06
VLAI?
Summary
An attacker could use a specially crafted URL to delete or read files outside the WebAccess/NMS's (versions prior to 3.0.2) control.
Severity ?
No CVSS data available.
CWE
- CWE-23 - RELATIVE PATH TRAVERSAL CWE-23
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | WebAccess/NMS |
Affected:
Versions prior to 3.0.2
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:06:10.432Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-098-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "WebAccess/NMS",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Versions prior to 3.0.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An attacker could use a specially crafted URL to delete or read files outside the WebAccess/NMS\u0027s (versions prior to 3.0.2) control."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-23",
"description": "RELATIVE PATH TRAVERSAL CWE-23",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-09T13:08:55",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-098-01"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2020-10631",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "WebAccess/NMS",
"version": {
"version_data": [
{
"version_value": "Versions prior to 3.0.2"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An attacker could use a specially crafted URL to delete or read files outside the WebAccess/NMS\u0027s (versions prior to 3.0.2) control."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "RELATIVE PATH TRAVERSAL CWE-23"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.us-cert.gov/ics/advisories/icsa-20-098-01",
"refsource": "MISC",
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-098-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2020-10631",
"datePublished": "2020-04-09T13:08:55",
"dateReserved": "2020-03-16T00:00:00",
"dateUpdated": "2024-08-04T11:06:10.432Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-10629 (GCVE-0-2020-10629)
Vulnerability from nvd – Published: 2020-04-09 13:12 – Updated: 2024-08-04 11:06
VLAI?
Summary
WebAccess/NMS (versions prior to 3.0.2) does not sanitize XML input. Specially crafted XML input could allow an attacker to read sensitive files.
Severity ?
No CVSS data available.
CWE
- CWE-611 - IMPROPER RESTRICTION OF XML EXTERNAL ENTITY REFERENCE CWE-611
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | WebAccess/NMS |
Affected:
Versions prior to 3.0.2
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:06:10.190Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-098-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "WebAccess/NMS",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Versions prior to 3.0.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "WebAccess/NMS (versions prior to 3.0.2) does not sanitize XML input. Specially crafted XML input could allow an attacker to read sensitive files."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-611",
"description": "IMPROPER RESTRICTION OF XML EXTERNAL ENTITY REFERENCE CWE-611",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-09T13:12:17",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-098-01"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2020-10629",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "WebAccess/NMS",
"version": {
"version_data": [
{
"version_value": "Versions prior to 3.0.2"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "WebAccess/NMS (versions prior to 3.0.2) does not sanitize XML input. Specially crafted XML input could allow an attacker to read sensitive files."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "IMPROPER RESTRICTION OF XML EXTERNAL ENTITY REFERENCE CWE-611"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.us-cert.gov/ics/advisories/icsa-20-098-01",
"refsource": "MISC",
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-098-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2020-10629",
"datePublished": "2020-04-09T13:12:17",
"dateReserved": "2020-03-16T00:00:00",
"dateUpdated": "2024-08-04T11:06:10.190Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-10625 (GCVE-0-2020-10625)
Vulnerability from nvd – Published: 2020-04-09 13:06 – Updated: 2024-08-04 11:06
VLAI?
Summary
WebAccess/NMS (versions prior to 3.0.2) allows an unauthenticated remote user to create a new admin account.
Severity ?
No CVSS data available.
CWE
- CWE-306 - MISSING AUTHENTICATION FOR CRITICAL FUNCTION CWE-306
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | WebAccess/NMS |
Affected:
Versions prior to 3.0.2
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:06:10.164Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-098-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "WebAccess/NMS",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Versions prior to 3.0.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "WebAccess/NMS (versions prior to 3.0.2) allows an unauthenticated remote user to create a new admin account."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "MISSING AUTHENTICATION FOR CRITICAL FUNCTION CWE-306",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-09T13:06:59",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-098-01"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2020-10625",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "WebAccess/NMS",
"version": {
"version_data": [
{
"version_value": "Versions prior to 3.0.2"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "WebAccess/NMS (versions prior to 3.0.2) allows an unauthenticated remote user to create a new admin account."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "MISSING AUTHENTICATION FOR CRITICAL FUNCTION CWE-306"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.us-cert.gov/ics/advisories/icsa-20-098-01",
"refsource": "MISC",
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-098-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2020-10625",
"datePublished": "2020-04-09T13:06:59",
"dateReserved": "2020-03-16T00:00:00",
"dateUpdated": "2024-08-04T11:06:10.164Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-10623 (GCVE-0-2020-10623)
Vulnerability from nvd – Published: 2020-04-09 13:03 – Updated: 2024-08-04 11:06
VLAI?
Summary
Multiple vulnerabilities could allow an attacker with low privileges to perform SQL injection on WebAccess/NMS (versions prior to 3.0.2) to gain access to sensitive information.
Severity ?
No CVSS data available.
CWE
- CWE-89 - IMPROPER NEUTRALIZATION OF SPECIAL ELEMENTS USED IN AN SQL COMMAND ('SQL INJECTION') CWE-89
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | WebAccess/NMS |
Affected:
Versions prior to 3.0.2
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:06:10.178Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-098-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "WebAccess/NMS",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Versions prior to 3.0.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Multiple vulnerabilities could allow an attacker with low privileges to perform SQL injection on WebAccess/NMS (versions prior to 3.0.2) to gain access to sensitive information."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "IMPROPER NEUTRALIZATION OF SPECIAL ELEMENTS USED IN AN SQL COMMAND (\u0027SQL INJECTION\u0027) CWE-89",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-09T13:03:30",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-098-01"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2020-10623",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "WebAccess/NMS",
"version": {
"version_data": [
{
"version_value": "Versions prior to 3.0.2"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple vulnerabilities could allow an attacker with low privileges to perform SQL injection on WebAccess/NMS (versions prior to 3.0.2) to gain access to sensitive information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "IMPROPER NEUTRALIZATION OF SPECIAL ELEMENTS USED IN AN SQL COMMAND (\u0027SQL INJECTION\u0027) CWE-89"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.us-cert.gov/ics/advisories/icsa-20-098-01",
"refsource": "MISC",
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-098-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2020-10623",
"datePublished": "2020-04-09T13:03:30",
"dateReserved": "2020-03-16T00:00:00",
"dateUpdated": "2024-08-04T11:06:10.178Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-10619 (GCVE-0-2020-10619)
Vulnerability from nvd – Published: 2020-04-09 13:13 – Updated: 2024-08-04 11:06
VLAI?
Summary
An attacker could use a specially crafted URL to delete files outside the WebAccess/NMS's (versions prior to 3.0.2) control.
Severity ?
No CVSS data available.
CWE
- CWE-23 - RELATIVE PATH TRAVERSAL CWE-23
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | WebAccess/NMS |
Affected:
Versions prior to 3.0.2
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:06:10.123Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-098-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "WebAccess/NMS",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Versions prior to 3.0.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An attacker could use a specially crafted URL to delete files outside the WebAccess/NMS\u0027s (versions prior to 3.0.2) control."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-23",
"description": "RELATIVE PATH TRAVERSAL CWE-23",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-09T13:13:42",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-098-01"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2020-10619",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "WebAccess/NMS",
"version": {
"version_data": [
{
"version_value": "Versions prior to 3.0.2"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An attacker could use a specially crafted URL to delete files outside the WebAccess/NMS\u0027s (versions prior to 3.0.2) control."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "RELATIVE PATH TRAVERSAL CWE-23"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.us-cert.gov/ics/advisories/icsa-20-098-01",
"refsource": "MISC",
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-098-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2020-10619",
"datePublished": "2020-04-09T13:13:42",
"dateReserved": "2020-03-16T00:00:00",
"dateUpdated": "2024-08-04T11:06:10.123Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-10617 (GCVE-0-2020-10617)
Vulnerability from nvd – Published: 2020-04-09 13:05 – Updated: 2024-08-04 11:06
VLAI?
Summary
There are multiple ways an unauthenticated attacker could perform SQL injection on WebAccess/NMS (versions prior to 3.0.2) to gain access to sensitive information.
Severity ?
No CVSS data available.
CWE
- CWE-89 - IMPROPER NEUTRALIZATION OF SPECIAL ELEMENTS USED IN AN SQL COMMAND ('SQL INJECTION') CWE-89
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | WebAccess/NMS |
Affected:
Versions prior to 3.0.2
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:06:10.158Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-098-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "WebAccess/NMS",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Versions prior to 3.0.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There are multiple ways an unauthenticated attacker could perform SQL injection on WebAccess/NMS (versions prior to 3.0.2) to gain access to sensitive information."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "IMPROPER NEUTRALIZATION OF SPECIAL ELEMENTS USED IN AN SQL COMMAND (\u0027SQL INJECTION\u0027) CWE-89",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-09T13:05:12",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-098-01"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2020-10617",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "WebAccess/NMS",
"version": {
"version_data": [
{
"version_value": "Versions prior to 3.0.2"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There are multiple ways an unauthenticated attacker could perform SQL injection on WebAccess/NMS (versions prior to 3.0.2) to gain access to sensitive information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "IMPROPER NEUTRALIZATION OF SPECIAL ELEMENTS USED IN AN SQL COMMAND (\u0027SQL INJECTION\u0027) CWE-89"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.us-cert.gov/ics/advisories/icsa-20-098-01",
"refsource": "MISC",
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-098-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2020-10617",
"datePublished": "2020-04-09T13:05:12",
"dateReserved": "2020-03-16T00:00:00",
"dateUpdated": "2024-08-04T11:06:10.158Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-10603 (GCVE-0-2020-10603)
Vulnerability from nvd – Published: 2020-04-09 13:10 – Updated: 2024-08-04 11:06
VLAI?
Summary
WebAccess/NMS (versions prior to 3.0.2) does not properly sanitize user input and may allow an attacker to inject system commands remotely.
Severity ?
No CVSS data available.
CWE
- CWE-78 - IMPROPER NEUTRALIZATION OF SPECIAL ELEMENTS USED IN AN OS COMMAND ('OS COMMAND INJECTION') CWE-78
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | WebAccess/NMS |
Affected:
Versions prior to 3.0.2
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:06:10.057Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-098-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "WebAccess/NMS",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Versions prior to 3.0.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "WebAccess/NMS (versions prior to 3.0.2) does not properly sanitize user input and may allow an attacker to inject system commands remotely."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "IMPROPER NEUTRALIZATION OF SPECIAL ELEMENTS USED IN AN OS COMMAND (\u0027OS COMMAND INJECTION\u0027) CWE-78",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-09T13:10:53",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-098-01"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2020-10603",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "WebAccess/NMS",
"version": {
"version_data": [
{
"version_value": "Versions prior to 3.0.2"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "WebAccess/NMS (versions prior to 3.0.2) does not properly sanitize user input and may allow an attacker to inject system commands remotely."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "IMPROPER NEUTRALIZATION OF SPECIAL ELEMENTS USED IN AN OS COMMAND (\u0027OS COMMAND INJECTION\u0027) CWE-78"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.us-cert.gov/ics/advisories/icsa-20-098-01",
"refsource": "MISC",
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-098-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2020-10603",
"datePublished": "2020-04-09T13:10:53",
"dateReserved": "2020-03-16T00:00:00",
"dateUpdated": "2024-08-04T11:06:10.057Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-10621 (GCVE-0-2020-10621)
Vulnerability from nvd – Published: 2020-04-09 13:01 – Updated: 2024-08-04 11:06
VLAI?
Summary
Multiple issues exist that allow files to be uploaded and executed on the WebAccess/NMS (versions prior to 3.0.2).
Severity ?
No CVSS data available.
CWE
- CWE-434 - UNRESTRICTED UPLOAD OF FILE WITH DANGEROUS TYPE CWE-434
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | WebAccess/NMS |
Affected:
Versions prior to 3.0.2
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:06:10.185Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-098-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "WebAccess/NMS",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Versions prior to 3.0.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Multiple issues exist that allow files to be uploaded and executed on the WebAccess/NMS (versions prior to 3.0.2)."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-434",
"description": "UNRESTRICTED UPLOAD OF FILE WITH DANGEROUS TYPE CWE-434",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-09T13:01:26",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-098-01"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2020-10621",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "WebAccess/NMS",
"version": {
"version_data": [
{
"version_value": "Versions prior to 3.0.2"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple issues exist that allow files to be uploaded and executed on the WebAccess/NMS (versions prior to 3.0.2)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "UNRESTRICTED UPLOAD OF FILE WITH DANGEROUS TYPE CWE-434"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.us-cert.gov/ics/advisories/icsa-20-098-01",
"refsource": "MISC",
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-098-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2020-10621",
"datePublished": "2020-04-09T13:01:26",
"dateReserved": "2020-03-16T00:00:00",
"dateUpdated": "2024-08-04T11:06:10.185Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-32951 (GCVE-0-2021-32951)
Vulnerability from cvelistv5 – Published: 2021-10-27 00:54 – Updated: 2024-09-16 20:48
VLAI?
Title
Advantech WebAccess/NMS Improper Authentication
Summary
WebAccess/NMS (Versions prior to v3.0.3_Build6299) has an improper authentication vulnerability, which may allow unauthorized users to view resources monitored and controlled by the WebAccess/NMS, as well as IP addresses and names of all the devices managed via WebAccess/NMS.
Severity ?
5.3 (Medium)
CWE
- CWE-287 - Improper Authentication
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Advantech | WebAccess/NMS |
Affected:
Versions , < v3.0.3_Build6299
(custom)
|
Credits
Selim Enes Karaduman (@Enesdex), working with Trend Micro’s Zero Day Initiative, reported this vulnerability to CISA.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T23:33:56.113Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-229-02"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "WebAccess/NMS",
"vendor": "Advantech",
"versions": [
{
"lessThan": "v3.0.3_Build6299",
"status": "affected",
"version": "Versions",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Selim Enes Karaduman (@Enesdex), working with Trend Micro\u2019s Zero Day Initiative, reported this vulnerability to CISA."
}
],
"datePublic": "2021-08-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "WebAccess/NMS (Versions prior to v3.0.3_Build6299) has an improper authentication vulnerability, which may allow unauthorized users to view resources monitored and controlled by the WebAccess/NMS, as well as IP addresses and names of all the devices managed via WebAccess/NMS."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287 Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-27T00:54:22",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-229-02"
}
],
"solutions": [
{
"lang": "en",
"value": "Advantech recommends updating to Version 3.0.3"
}
],
"source": {
"advisory": "ICSA-21-229-02",
"discovery": "UNKNOWN"
},
"title": "Advantech WebAccess/NMS Improper Authentication",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"DATE_PUBLIC": "2021-08-11T16:50:00.000Z",
"ID": "CVE-2021-32951",
"STATE": "PUBLIC",
"TITLE": "Advantech WebAccess/NMS Improper Authentication"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "WebAccess/NMS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "Versions",
"version_value": "v3.0.3_Build6299"
}
]
}
}
]
},
"vendor_name": "Advantech"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Selim Enes Karaduman (@Enesdex), working with Trend Micro\u2019s Zero Day Initiative, reported this vulnerability to CISA."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "WebAccess/NMS (Versions prior to v3.0.3_Build6299) has an improper authentication vulnerability, which may allow unauthorized users to view resources monitored and controlled by the WebAccess/NMS, as well as IP addresses and names of all the devices managed via WebAccess/NMS."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-287 Improper Authentication"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-229-02",
"refsource": "MISC",
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-229-02"
}
]
},
"solution": [
{
"lang": "en",
"value": "Advantech recommends updating to Version 3.0.3"
}
],
"source": {
"advisory": "ICSA-21-229-02",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2021-32951",
"datePublished": "2021-10-27T00:54:22.837305Z",
"dateReserved": "2021-05-13T00:00:00",
"dateUpdated": "2024-09-16T20:48:04.366Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}