CVE-2018-14806
published 2018-10-23CVE-2018-14806: Advantech WebAccess 8.3.1 and earlier has a path traversal vulnerability which may allow an attacker to execute arbitrary code.
PriorityP262critical9.8CVSS 3.0
AVNACLPRNUINSUCHIHAH
EPSS
4.78%
90.8th percentile
Advantech WebAccess 8.3.1 and earlier has a path traversal vulnerability which may allow an attacker to execute arbitrary code.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| advantech | advantech_webaccess | — | — |
| advantech | webaccess | <= 8.3.1 | — |
Detection & IOCsextracted from sources · hover to see the quote
- →CVE-2018-14806 is a path traversal vulnerability (CWE-22) in Advantech WebAccess versions 8.3.1 and prior, exploitable remotely with no authentication required (CVSS v3 9.8: AV:N/AC:L/PR:N/UI:N). Detection should focus on path traversal patterns in HTTP requests targeting WebAccess endpoints. ↗
- →No known public exploits were identified at time of advisory publication, but the vulnerability is rated exploitable remotely with low skill level. Monitor WebAccess network traffic for anomalous directory traversal sequences (e.g., '../' or '%2e%2e%2f') in request paths. ↗
- →Affected product scope: Advantech WebAccess Versions 8.3.1 and prior. Presence of these versions on internet-accessible hosts should be treated as high-risk exposure given the network-exploitable, no-auth attack vector. ↗
- ·The advisory covers four distinct CVEs (CVE-2018-14816, CVE-2018-14820, CVE-2018-14828, CVE-2018-14806) under the same advisory ICSA-18-296-01. Ensure detections are scoped specifically to CVE-2018-14806 (path traversal / CWE-22) and not conflated with the stack-based buffer overflow (CVE-2018-14816), file deletion (CVE-2018-14820), or privilege management (CVE-2018-14828) issues. ↗
- ·The sources provide no specific filenames, hashes, URLs, IPs, or exploit payloads associated with CVE-2018-14806. No concrete IOCs are available from these documents; operational detection must rely on behavioral/traffic-based indicators until further technical analysis is published. ↗
CVSS provenance
nvdv3.09.8CRITICALCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-j92m-hfq7-r8cj: Advantech WebAccess 8
ghsa_unreviewed·2022-05-13
CVE-2018-14806 [CRITICAL] CWE-22 GHSA-j92m-hfq7-r8cj: Advantech WebAccess 8
Advantech WebAccess 8.3.1 and earlier has a path traversal vulnerability which may allow an attacker to execute arbitrary code.
CISA ICS
Advantech WebAccess
cisa_ics·2018-10-23·CVSS 9.8
[CRITICAL] Advantech WebAccess
## Archived Content In an effort to keep CISA.gov current, the archive contains outdated information that may not reflect current policy or programs.
ICS Advisory
##
Advantech WebAccess
Last RevisedOctober 23, 2018
Alert CodeICSA-18-296-01
## 1. EXECUTIVE SUMMARY
-
CVSS v3 9.8
- ATTENTION: Exploitable remotely/low skill level to exploit
- Vendor: Advantech
- Equipment: WebAccess
- Vulnerabilities: Stack-based Buffer Overflow, External Control of File Name or Path, Improper Privilege Management, Path Traversal
## 2. RISK EVALUATION
Successful exploitation of these vulnerabilities could allow an attacker to execute arbitrary code, access files and perform actions at a privileged level, or delete files on the system.
## 3. TECHNICAL DETA
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2018-10-23
Published