Description
An Absolute Path Traversal issue was discovered in Advantech WebAccess Version 8.1 and prior. The absolute path traversal vulnerability has been identified, which may allow an attacker to traverse the file system to access restricted files or directories.
References (2)
Core 2
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/98311
Mitigation, Third Party Advisory, US Government Resource x_refsource_misc
https://ics-cert.us-cert.gov/advisories/ICSA-17-124-03
Scores
CVSS v3
7.1
EPSS
0.0154
EPSS Percentile
71.5%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H
Details
CWE
CWE-22
CWE-36
Status
published
Products (2)
advantech/webaccess
< 8.1
n/a/Advantech WebAccess
Advantech WebAccess
Published
May 06, 2017
Tracked Since
Feb 18, 2026