CVE-2017-5175

Advantech WebAccess 8.1 and earlier contains a DLL hijacking vulnerability which may allow an attacker to run a malicious DLL file within…

icscert·CWE-427·Published 2018-05-09

CVSS

—

EPSS

0.02

KEV

Exploits

cve.orgen

195 chars

Advantech WebAccess 8.1 and earlier contains a DLL hijacking vulnerability which may allow an attacker to run a malicious DLL file within the search path resulting in execution of arbitrary code.

NVDen

195 chars

Advantech WebAccess 8.1 and earlier contains a DLL hijacking vulnerability which may allow an attacker to run a malicious DLL file within the search path resulting in execution of arbitrary code.

NVDes

245 chars

Advantech WebAccess en versiones 8.1 y anteriores contiene una vulnerabilidad de secuestro de DLL, lo que podría permitir que un atacante ejecute un archivo DLL malicioso en la ruta de búsqueda, desembocando en la ejecución de código arbitrario.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	6.8	8.6	6.4	AV:N/AC:M/Au:N/C:P/I:P/A:P
3.0	Primary	NVD	7.8	1.8	5.9	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H