CyberSec.Space Logo
Back to CVE Browser

CVE-2017-12706

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.0970%
EPSS Percentile2.37th
PublishedAug 30, 2017
Last ModifiedMay 13, 2026

Vulnerability Description

A stack-based buffer overflow issue was discovered in Advantech WebAccess versions prior to V8.2_20170817. Researchers have identified multiple vulnerabilities where there is a lack of proper validation of the length of user-supplied data prior to copying it to a stack-based buffer, which could allow an attacker to execute arbitrary code under the context of the process.

Affected Platforms (CPE)

πŸ“¦
Advantech

Webaccess

<= 8.2

References & Advisories

πŸ”— http://www.securityfocus.com/bid/100526
πŸ”— https://ics-cert.us-cert.gov/advisories/ICSA-17-241-02
πŸ”— http://www.securityfocus.com/bid/100526
πŸ”— https://ics-cert.us-cert.gov/advisories/ICSA-17-241-02

Related Vulnerabilities

CVE-2007-217110.0

Stack-based buffer overflow in the base64_decode function in GWINTER.exe in Novell GroupWise (GW) WebAccess before 7.0 SP2 allows ...

CVE-2010-471410.0

Multiple stack-based buffer overflows in Novell GroupWise before 8.02HP allow remote attackers to execute arbitrary code via a lon...

CVE-2003-155110.0

Unspecified vulnerability in Novell GroupWise 6 SP3 WebAccess before Revision F has unknown impact and attack vectors related to "...

CVE-2011-404110.0

webvrpcs.exe in Advantech/BroadWin WebAccess allows remote attackers to execute arbitrary code or obtain a security-code value via...