Signature Detail

This site is deprecated. Please CLICK HERE for latest updates

Short Name	HTTP:CTS:ADVTECH-NMS-ARB-UPLOAD
Severity	Critical
Recommended	No
Recommended Action	Drop
Category	HTTP
Keywords	Advantech WebAccess NMS SupportDeviceaddAction Arbitrary File Upload
Release Date	2020/07/27
Update Number	3302
Supported Platforms	idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+

HTTP: Advantech WebAccess NMS SupportDeviceaddAction Arbitrary File Upload

This signature detects attempts to exploit a known vulnerability against Advantech WebAccess NMS. A successful attack can lead to arbitrary code execution.

Extended Description

Multiple issues exist that allow files to be uploaded and executed on the WebAccess/NMS (versions prior to 3.0.2).

References

CVE: CVE-2020-10621
URL: http://www.zerodayinitiative.com/advisories/zdi-20-397/

Signature Detail

This site is deprecated. Please CLICK HERE for latest updates

Short Name

Severity

Recommended

Recommended Action

Category

Keywords

Release Date

Update Number

Supported Platforms

HTTP: Advantech WebAccess NMS SupportDeviceaddAction Arbitrary File Upload

Extended Description

References