CVE-2018-15707

MEDIUM

Advantech WebAccess 8.3.1 and 8.3.2 - Cross-Site Scripting in Bwmainleft.asp

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2018-15707. PoCs published by Chris Lyne.

AI-analyzed exploit summary This exploit combines CVE-2018-15707 (XSS for credential theft) and CVE-2018-15705 (arbitrary file write) to achieve remote code execution on Advantech WebAccess SCADA 8.3.2. It requires user interaction to steal credentials via a malicious link, then writes an ASP file to execute arbitrary commands.

Description

Advantech WebAccess 8.3.1 and 8.3.2 are vulnerable to cross-site scripting in the Bwmainleft.asp page. An attacker could leverage this vulnerability to disclose credentials amongst other things.

Exploits (1)

exploitdb WORKING POC
by Chris Lyne · pythonwebappsasp
https://www.exploit-db.com/exploits/45774

This exploit combines CVE-2018-15707 (XSS for credential theft) and CVE-2018-15705 (arbitrary file write) to achieve remote code execution on Advantech WebAccess SCADA 8.3.2. It requires user interaction to steal credentials via a malicious link, then writes an ASP file to execute arbitrary commands.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Advantech WebAccess SCADA 8.3.2
Auth required
Prerequisites: Target running Advantech WebAccess SCADA 8.3.2 · User interaction to click malicious link · Valid project and node names
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2
Core References
Exploit, Third Party Advisory, VDB Entry exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/45774/
Exploit, Third Party Advisory x_refsource_misc
https://www.tenable.com/security/research/tra-2018-35

Scores

CVSS v3 5.4
EPSS 0.0188
EPSS Percentile 76.7%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Details

CWE
CWE-79
Status published
Products (2)
advantech/webaccess 8.3.1
advantech/webaccess 8.3.2
Published Oct 31, 2018
Tracked Since Feb 18, 2026