Lucene search
RgodZDI-16-125HistoryFeb 05, 2016 - 12:00 a.m.
Advantech WebAccess Dashboard Viewer renameFolder Directory Traversal Denial of Service Vulnerability
2016-02-0500:00:00
rgod
www.zerodayinitiative.com
14
EPSS
0.33
Percentile
97.1%
This vulnerability allows remote attackers to deny service to all users on vulnerable installations of Advantech WebAccess. Authentication is not required to exploit this vulnerability. The specific flaw exists within the WebAccess Dashboard Viewer. Insufficient validation within the renameFolder script allows unauthenticated callers to rename key system directories so that access to the functionality of WebAccess is completely blocked to all users.
Related
zdi
zdi
checkpoint_advisories
checkpoint_advisories
Advantech WebAccess SCADA Dashboard Directory Traversal (CVE-2016-0855)
2016-05-15 00:00:00
cvelist
cvelist
CVE-2016-0855
2016-01-15 02:00:00
nvd
nvd
CVE-2016-0855
2016-01-15 03:59:17
prion
prion
Directory traversal
2016-01-15 03:59:00
cve
cve
CVE-2016-0855
2016-01-15 03:59:17
nessus
nessus
Advantech WebAccess openWidget Script Path Traversal Remote File Disclosure
2016-02-18 00:00:00
Advantech WebAccess < 8.1-2015.12.30 Multiple Vulnerabilities
2016-03-03 00:00:00
ics
ics
Advantech WebAccess Vulnerabilities
2018-08-23 12:00:00
openvas
openvas
Advantech WebAccess Multiple Vulnerabilities (Jan 2016)
2016-01-22 00:00:00