← back
CVE-2018-15705

CVE-2018-15705

EPSS 12.2%
WADashboard API in Advantech WebAccess 8.3.1 and 8.3.2 allows remote authenticated attackers to write or overwrite any file on the filesystem due to a directory traversal vulnerability in the writeFile API. An attacker can use this vulnerability to remotely execute arbitrary code.
Affected products
Advantech · Advantech WebAccess
public PoCs found2
cve_referencewww.exploit-db.com/exploits/45774/unverifiedexploitdbwww.exploit-db.com/exploits/45774unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://www.exploit-db.com/exploits/45774/https://www.tenable.com/security/research/tra-2018-35