Advantech WebAccess 8.3.2

Submit a proposal Propose CVE/GCVE/GHSA reference

Approved changes feed: RSS · Atom

cpe:2.3:a:advantech:webaccess:8.3.2:*:*:*:*:*:*:*

part: a version: 8.3.2 update: *

VendorAdvantech (fedf766b-bee1-5692-bcc7-1aa8d9dc594c)
ProductWebaccess (ebd8b910-9fe2-5d81-afde-a07cacb71fb1)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from NVD CPE 2.0 feed

PURL mappings

PURLSourceLast updated
No PURL mappings for this CPE yet.

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2018-15707 vulnerable 2026-06-03 14:38:14.208473 Details available
Advantech WebAccess 8.3.1 and 8.3.2 are vulnerable to cross-site scripting in the Bwmainleft.asp page. An attacker could leverage this vulnerability to disclose credentials amongst other things.
Published: 2018-10-31T22:00:00.000Z
Updated: 2024-09-16T22:50:29.453Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2018-15706 vulnerable 2026-06-03 14:38:14.208113 Details available
WADashboard API in Advantech WebAccess 8.3.1 and 8.3.2 allows remote authenticated attackers to read any file on the filesystem due to a directory traversal vulnerability in the readFile API.
Published: 2018-10-31T22:00:00.000Z
Updated: 2024-09-17T02:15:57.656Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2018-15705 vulnerable 2026-06-03 14:38:14.207716 Details available
WADashboard API in Advantech WebAccess 8.3.1 and 8.3.2 allows remote authenticated attackers to write or overwrite any file on the filesystem due to a directory traversal vulnerability in the writeFile API. An attacker can use this vulnerability to remotely execute arbitrary code.
Published: 2018-10-31T22:00:00.000Z
Updated: 2024-09-16T17:59:24.977Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.