Advantech WebAccess remain vulnerable (8.3.1 & 8.3.2)
When vulnerability allows an attacker to execute “arbitrary code”, it typically means that the hacker can run any command. Although critical facilities especially Petroleum, electricity, Gas and water SCADA infrastructure are prohibited setup internet access function. However to cope with modernization. It is hard to avoid to do the network integration. Advantech is a leading brand in IoT intelligent systems, Industry 4.0, machine automation, embedding computing & embedded systems. We found that both two different version of web access function has vulnerabilities occurs. See whether this information is related to your expertise area. For more details, please see below:
Advantech ICSA-18-296-01 WebAccess Multiple Security Vulnerabilities
https://www.securityfocus.com/bid/105728
- CVE-2018-15703: Multiple Reflected Cross-Site Scripting
- CVE-2018-15704: Authenticated Stack Buffer Overflow
It’s an awesome article in favor of all the internet users; they will take benefit from it I am sure.|