CVE-2017-14016

MEDIUM

Advantech WebAccess <V8.2_20170817 - Buffer Overflow

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2017-14016. PoCs published by Metasploit, including Metasploit module exploits/windows/scada/advantech_webaccess_webvrpcs_bof.

AI-analyzed exploit summary This Metasploit module exploits a stack buffer overflow in Advantech WebAccess 8.2 via a crafted DCERPC request to opcode 80061, achieving remote code execution.

Description

A Stack-based Buffer Overflow issue was discovered in Advantech WebAccess versions prior to V8.2_20170817. The application lacks proper validation of the length of user-supplied data prior to copying it to a stack-based buffer, which could allow an attacker to execute arbitrary code under the context of the process.

Exploits (2)

exploitdb WORKING POC VERIFIED

by Metasploit · rubywebappswindows

https://www.exploit-db.com/exploits/43340

View Code ZIP pw:eip

This Metasploit module exploits a stack buffer overflow in Advantech WebAccess 8.2 via a crafted DCERPC request to opcode 80061, achieving remote code execution.

Classification

Working Poc 100%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Advantech WebAccess 8.2-2017.03.31

No auth needed

Prerequisites: Network access to target on port 4592 · Target running vulnerable Advantech WebAccess version

MITRE ATT&CK

T1203 - Exploitation for Client Execution T1068 - Exploitation for Privilege Escalation

devstral-2 · analyzed Feb 16, 2026 Full analysis →

metasploit WORKING POC GOOD

rubypocwin

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/scada/advantech_webaccess_webvrpcs_bof.rb

View Code ZIP pw:eip

This Metasploit module exploits a stack buffer overflow in Advantech WebAccess 8.2 via a crafted DCERPC request to opcode 80061, achieving remote code execution through a ROP chain and egghunter.

Classification

Working Poc 100%

Attack Type

Rce

Complexity

Complex

Reliability

Reliable

Target: Advantech WebAccess 8.2-2017.03.31

No auth needed

Prerequisites: Network access to port 4592 · Target running Advantech WebAccess 8.2

MITRE ATT&CK

T1203 - Exploitation for Client Execution T1068 - Exploitation for Privilege Escalation

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3

Core References

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/101685

Third Party Advisory, US Government Resource x_refsource_misc

https://ics-cert.us-cert.gov/advisories/ICSA-17-306-02

Exploit, Third Party Advisory exploit x_refsource_exploit-db

https://www.exploit-db.com/exploits/43340/

Scores

CVSS v3 6.3

EPSS 0.1604

EPSS Percentile 96.5%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

Details

CWE

CWE-119 CWE-121

Status published

Products (2)

advantech/webaccess < 8.2_20170817

n/a/Advantech WebAccess Advantech WebAccess

Published Nov 06, 2017

Tracked Since Feb 18, 2026