Intrusion Prevention

Advantech.WebAccess.Dashboard.RemoveFile.Directory.Traversal

Description

This indicates an attack attempt to exploit a Directory Traversal vulnerability in Advantech WebAccess.
The vulnerability is caused by improper validation of user supplied data when the vulnerable application handles a maliciously crafted request. An attacker can exploit this to manipulate files on the affected machine via a crafted request. Also a remote attacker may use it to cause denial of service condition in the affected machine via a crafted request

Affected Products

Advantech WebAccess 8.0 and prior

Impact

Denial of Service: Remote attackers can crash vulnerable systems.

Recommended Actions

Currently we are unaware of any vendor supplied patch for this issue

CVE References

CVE-2016-0855