WADashboard API in Advantech WebAccess 8.3.1 and 8.3.2 allows remote authenticated malicious users to write or overwrite any file on the filesystem due to a directory traversal vulnerability in the writeFile API. An attacker can use this vulnerability to remotely execute arbitrary code.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
advantech webaccess 8.3.1 |
||
advantech webaccess 8.3.2 |