CVE-2014-0765
Advantech WebAccess < 7.1 - Remote Code Execution via GotoCmd Argument Buffer Overflow
Title source: llmDescription
To exploit this vulnerability, the attacker sends data from the GotoCmd argument to control. If the value of the argument is overly long, the static stack buffer can be overflowed. This will allow the attacker to execute arbitrary code remotely.
References (5)
Core 5
Core References
Third Party Advisory, US Government Resource
http://ics-cert.us-cert.gov/advisories/ICSA-14-079-03
Various Sources
http://webaccess.advantech.com/
Third Party Advisory, VDB Entry
http://www.securityfocus.com/bid/66722
Third Party Advisory, US Government Resource
https://www.cisa.gov/news-events/ics-advisories/icsa-14-079-03
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/66740
Scores
EPSS
0.0118
EPSS Percentile
79.0%
Details
CWE
CWE-119
CWE-121
Status
published
Products (6)
advantech/advantech_webaccess
5.0
advantech/advantech_webaccess
6.0
advantech/advantech_webaccess
7.0
advantech/advantech_webaccess
< 7.1
Advantech/WebAccess
< 7.1
Advantech/WebAccess
7.2
Published
Apr 12, 2014
Tracked Since
Feb 18, 2026