CVE-2018-14820

Advantech WebAccess 8.3.1 and earlier has a .dll component that is susceptible to external control of file name or path vulnerability,…

icscert·CWE-73·Published 2018-10-23

CVSS

—

EPSS

0.02

KEV

Exploits

cve.orgen

194 chars

Advantech WebAccess 8.3.1 and earlier has a .dll component that is susceptible to external control of file name or path vulnerability, which may allow an arbitrary file deletion when processing.

NVDen

194 chars

Advantech WebAccess 8.3.1 and earlier has a .dll component that is susceptible to external control of file name or path vulnerability, which may allow an arbitrary file deletion when processing.

NVDes

229 chars

Advantech WebAccess 8.3.1 y anteriores tiene un componente .dll que es susceptible a una vulnerabilidad de control externo de ruta o nombre de archivo, lo que podría permitir la eliminación de un archivo arbitrario al procesarse.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	6.4	10.0	4.9	AV:N/AC:L/Au:N/C:N/I:P/A:P
3.0	Primary	NVD	7.5	3.9	3.6	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N