HomePentest-Tools.com Logo

Advantech WebAccess Multiple Vulnerabilities CVE-2016-4525CVE-2016-4528CVE-2016-5810

Severity
CVSSv3 Score
4.9
Vulnerability description

Advantech WebAccess is prone to multiple vulnerabilities.

Risk description

Advantech WebAccess is prone to multiple vulnerabilities: Several ActiveX controls are intended for restricted use, but have been marked as safe-for-scripting. (CVE-2016-4525) A specially crafted DLL file can cause a buffer overflow. (CVE-2016-4528) A properly authenticated administrator can view passwords for other administrators. (CVE-2016-5810) A local attacker may insert and run arbitrary code on an affected system. A authenticated administrator may view passwords from other administrators.

Recommendation

Upgrade to Version 8.1_20160519 or later

Codename
Not available
Detectable with
Network Scanner
Scan engine
OpenVAS
Exploitable with Sniper
No
CVE Published
Jun 25, 2016
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available