CVE-2021-38408

Critical

A stack-based buffer overflow vulnerability in Advantech WebAccess Versions 9.02 and prior caused by a lack of proper validation of the…

icscert·CWE-121·Published 2021-09-09

CVSS

9.8

EPSS

0.12

KEV

Exploits

cve.orgen

197 chars

A stack-based buffer overflow vulnerability in Advantech WebAccess Versions 9.02 and prior caused by a lack of proper validation of the length of user-supplied data may allow remote code execution.

NVDen

197 chars

A stack-based buffer overflow vulnerability in Advantech WebAccess Versions 9.02 and prior caused by a lack of proper validation of the length of user-supplied data may allow remote code execution.

NVDes

281 chars

Una vulnerabilidad de desbordamiento de búfer en la región stack de la memoria en Advantech WebAccess versiones 9.02 y anteriores, causada por una falta de comprobación apropiada de la longitud de los datos suministrados por el usuario puede permitir una ejecución de código remota

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	7.5	10.0	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P
3.1	Primary	NVD	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H