漏洞类别:CGI
漏洞等级: 
漏洞信息
Advantech WebAccess HMI/SCADA is an application used for monitoring and controlling industrial processes.
A stack based buffer overflow vulnerability exists while handling certain files that triggers long string arguments to functions.
Affected versions:
Advantech WebAccess versions prior to 8.0_20150816
QID Detection Logic:
The QID flags for the vulnerable versions of Advantech WebAccess which it gets from the default web page.
漏洞危害
An attacker may then be able to crash the application or run arbitrary code by getting a user to execute the specially crafted file.
解决方案
Users are advised to upgrade to the 8.0_20150816 version of the software. Refer to the following link for further details:Advantech WebAccess
Patch:
Following are links for downloading patches to fix the vulnerabilities:
0day
文章评论