CyberSec.Space Logo
CVEブラウザに戻る

CVE-2017-12698

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.0580%
EPSS Percentile0.70th
Published2017年8月30日
Last Modified2026年5月13日

Vulnerability Description

An Improper Authentication issue was discovered in Advantech WebAccess versions prior to V8.2_20170817. Specially crafted requests allow a possible authentication bypass that could allow remote code execution.

Affected Platforms (CPE)

📦
Advantech

Webaccess

<= 8.2

References & Advisories

🔗 http://www.securityfocus.com/bid/100526
🔗 https://ics-cert.us-cert.gov/advisories/ICSA-17-241-02
🔗 http://www.securityfocus.com/bid/100526
🔗 https://ics-cert.us-cert.gov/advisories/ICSA-17-241-02

関連する脆弱性情報

CVE-2007-217110.0

Stack-based buffer overflow in the base64_decode function in GWINTER.exe in Novell GroupWise (GW) WebAccess before 7.0 SP2 allows ...

CVE-2010-471410.0

Multiple stack-based buffer overflows in Novell GroupWise before 8.02HP allow remote attackers to execute arbitrary code via a lon...

CVE-2003-155110.0

Unspecified vulnerability in Novell GroupWise 6 SP3 WebAccess before Revision F has unknown impact and attack vectors related to "...

CVE-2011-404110.0

webvrpcs.exe in Advantech/BroadWin WebAccess allows remote attackers to execute arbitrary code or obtain a security-code value via...