漏洞类别:CGI
漏洞等级: 
漏洞信息
Advantech WebAccess HMI/SCADA is an application used for monitoring and controlling industrial processes.
The application is exposed to the following vulnerabilities:
CVE-2017-5152: Authentication bypass issue.
CVE-2017-5154: SQL injection vulnerability exists in updateTemplate.aspx.
Affected Versions:
Advantech WebAccess 8.1
漏洞危害
Successful exploitation could allow an attacker to obtain administrative access to the application and its data files.
解决方案
Users are advised to upgrade to the 8.2 version of the software. Refer to the following link for further details: Advantech WebAccess
Patch:
Following are links for downloading patches to fix the vulnerabilities:
0day
文章评论