CVE-2012-0240
Advantech WebAccess < 7.0 - Unauthenticated Remote Code Execution via GbScriptAddUp.asp
Title source: llmDescription
GbScriptAddUp.asp in Advantech/BroadWin WebAccess before 7.0 does not properly perform authentication, which allows remote attackers to execute arbitrary code via unspecified vectors.
References (2)
Core 2
Core References
Patch, US Government Resource x_refsource_misc
http://www.us-cert.gov/control_systems/pdf/ICSA-12-047-01.pdf
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/52051
Scores
EPSS
0.0143
EPSS Percentile
80.9%
Details
CWE
CWE-287
Status
published
Products (2)
advantech/advantech_webaccess
5.0
advantech/advantech_webaccess
< 6.0
Published
Feb 21, 2012
Tracked Since
Feb 18, 2026