CVE-2017-7929

HIGH

Advantech Webaccess < 8.1 - Path Traversal

Title source: rule

Description

An Absolute Path Traversal issue was discovered in Advantech WebAccess Version 8.1 and prior. The absolute path traversal vulnerability has been identified, which may allow an attacker to traverse the file system to access restricted files or directories.

References (2)

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/98311

[Mitigation, Third Party Advisory, US Government Resource] https://ics-cert.us-cert.gov/advisories/ICSA-17-124-03

Scores

CVSS v3 7.1

EPSS 0.0076

EPSS Percentile 73.4%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H

Details

CWE

CWE-22 CWE-36

Status published

Products (2)

advantech/webaccess < 8.1

n/a/Advantech WebAccess Advantech WebAccess

Published May 06, 2017

Tracked Since Feb 18, 2026