Short Name |
HTTP:DIR:ADVANTECH-DIR-TR |
---|---|
Severity |
Minor |
Recommended |
Yes |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
Advantech WebAccess SCADA picfile Arbitrary File Upload |
Release Date |
2018/03/13 |
Update Number |
3045 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
An arbitrary file upload vulnerability exists in Advantech WebAccess SCADA software. Successful exploitation could lead to arbitrary code execution on the target application with privileges of the web application process.
An Unrestricted Upload Of File With Dangerous Type issue was discovered in Advantech WebAccess versions prior to 8.3. WebAccess allows a remote attacker to upload arbitrary files.