CyberSec.Space Logo
Back to CVE Browser

CVE-2017-12698

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.0580%
EPSS Percentile0.70th
PublishedAug 30, 2017
Last ModifiedMay 13, 2026

Vulnerability Description

An Improper Authentication issue was discovered in Advantech WebAccess versions prior to V8.2_20170817. Specially crafted requests allow a possible authentication bypass that could allow remote code execution.

Affected Platforms (CPE)

πŸ“¦
Advantech

Webaccess

<= 8.2

References & Advisories

πŸ”— http://www.securityfocus.com/bid/100526
πŸ”— https://ics-cert.us-cert.gov/advisories/ICSA-17-241-02
πŸ”— http://www.securityfocus.com/bid/100526
πŸ”— https://ics-cert.us-cert.gov/advisories/ICSA-17-241-02

Related Vulnerabilities

CVE-2007-217110.0

Stack-based buffer overflow in the base64_decode function in GWINTER.exe in Novell GroupWise (GW) WebAccess before 7.0 SP2 allows ...

CVE-2010-471410.0

Multiple stack-based buffer overflows in Novell GroupWise before 8.02HP allow remote attackers to execute arbitrary code via a lon...

CVE-2003-155110.0

Unspecified vulnerability in Novell GroupWise 6 SP3 WebAccess before Revision F has unknown impact and attack vectors related to "...

CVE-2011-404110.0

webvrpcs.exe in Advantech/BroadWin WebAccess allows remote attackers to execute arbitrary code or obtain a security-code value via...