CVE-2017-7929
published 2017-05-06CVE-2017-7929: An Absolute Path Traversal issue was discovered in Advantech WebAccess Version 8.1 and prior. The absolute path traversal vulnerability has been identified…
PriorityP336high7.1CVSS 3.0
AVNACLPRLUINSUCLINAH
EPSS
1.54%
71.7th percentile
An Absolute Path Traversal issue was discovered in Advantech WebAccess Version 8.1 and prior. The absolute path traversal vulnerability has been identified, which may allow an attacker to traverse the file system to access restricted files or directories.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| advantech | webaccess | <= 8.1 | — |
CVSS provenance
nvdv3.07.1HIGHCVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H
nvdv2.05.5MEDIUMAV:N/AC:L/Au:S/C:P/I:N/A:P
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
CISA ICS
Advantech WebAccess
cisa_ics·2017-05-04
Advantech WebAccess
## Archived Content In an effort to keep CISA.gov current, the archive contains outdated information that may not reflect current policy or programs.
ICS Advisory
##
Advantech WebAccess
Last RevisedMay 04, 2017
Alert CodeICSA-17-124-03
## CVSS v3 7.1
ATTENTION: Remotely exploitable/low skill level to exploit.
Vendor: Advantech
Equipment: WebAccess
Vulnerability: Absolute Path Traversal
## AFFECTED PRODUCTS
The following WebAccess versions are affected:
- WebAccess Version 8.1 and prior.
## IMPACT
Successful exploitation of this vulnerability could allow the attacker to traverse the file system and gain access to files or directories, which could result in the device becoming unavailable.
## MITIGATION
Advantech has produced WebAcce
GHSA
GHSA-2436-8pwm-vj52: An Absolute Path Traversal issue was discovered in Advantech WebAccess Version 8
ghsa_unreviewed·2022-05-13
CVE-2017-7929 [HIGH] CWE-22 GHSA-2436-8pwm-vj52: An Absolute Path Traversal issue was discovered in Advantech WebAccess Version 8
An Absolute Path Traversal issue was discovered in Advantech WebAccess Version 8.1 and prior. The absolute path traversal vulnerability has been identified, which may allow an attacker to traverse the file system to access restricted files or directories.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2017-05-06
Published