CVE-2014-0988
published 2014-09-20CVE-2014-0988: Stack-based buffer overflow in Advantech WebAccess (formerly BroadWin WebAccess) 7.2 allows remote attackers to execute arbitrary code via the AccessCode…
PriorityP337medium6.8CVSS 2.0
AVNACMAuNCPIPAP
EPSS
2.57%
83.2th percentile
Stack-based buffer overflow in Advantech WebAccess (formerly BroadWin WebAccess) 7.2 allows remote attackers to execute arbitrary code via the AccessCode parameter.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| advantech | advantech_webaccess | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-m5cf-xm33-h35p: Stack-based buffer overflow in Advantech WebAccess (formerly BroadWin WebAccess) 7
ghsa_unreviewed·2022-05-17
CVE-2014-0988 [MEDIUM] CWE-119 GHSA-m5cf-xm33-h35p: Stack-based buffer overflow in Advantech WebAccess (formerly BroadWin WebAccess) 7
Stack-based buffer overflow in Advantech WebAccess (formerly BroadWin WebAccess) 7.2 allows remote attackers to execute arbitrary code via the AccessCode parameter.
CISA ICS
Advantech WebAccess Vulnerabilities
cisa_ics·2018-09-06
Advantech WebAccess Vulnerabilities
## Archived Content In an effort to keep CISA.gov current, the archive contains outdated information that may not reflect current policy or programs.
ICS Advisory
##
Advantech WebAccess Vulnerabilities
Last RevisedSeptember 06, 2018
Alert CodeICSA-14-261-01
## OVERVIEW
Researcher Ricardo Narvaja of Core Security Technologies has identified several buffer overflow vulnerabilities in Advantech’s WebAccess application. Advantech has produced a patch that mitigates these vulnerabilities. The researcher has tested the patch to validate that it resolves the vulnerabilities. These vulnerabilities could be exploited remotely.
## AFFECTED PRODUCTS
The following Advantech WebAccess versions are affected:
- WebAccess Version 7.2.
## IMPACT
An atta
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2014-09-20
Published