CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2011-4525

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0510%
EPSS Percentile8.97th
Published2012年2月21日
Last Modified2026年4月29日

Vulnerability Description

Advantech/BroadWin WebAccess before 7.0 allows remote attackers to trigger the extraction of arbitrary web content into a batch file on a client system, and execute this batch file, via unspecified vectors.

Affected Platforms (CPE)

📦
Advantech

Advantech Webaccess

<= 6.0
📦
Advantech

Advantech Webaccess

= 5.0

References & Advisories

🔗 http://www.securityfocus.com/bid/52051
🔗 http://www.us-cert.gov/control_systems/pdf/ICSA-12-047-01.pdf
🔗 http://www.securityfocus.com/bid/52051
🔗 http://www.us-cert.gov/control_systems/pdf/ICSA-12-047-01.pdf

相關漏洞威脅

CVE-2014-920810.0

Multiple stack-based buffer overflows in unspecified DLL files in Advantech WebAccess before 8.0.1 allow remote attackers to execu...

CVE-2017-127089.8

An Improper Restriction Of Operations Within The Bounds Of A Memory Buffer issue was discovered in Advantech WebAccess versions pr...

CVE-2017-126989.8

An Improper Authentication issue was discovered in Advantech WebAccess versions prior to V8.2_20170817. Specially crafted requests...

CVE-2017-127069.8

A stack-based buffer overflow issue was discovered in Advantech WebAccess versions prior to V8.2_20170817. Researchers have identi...