E18-0orv1
CVSS:
7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
False Positive:
t
Variants:
1
Year:
2018
Description
This strike exploits a buffer overflow vulnerability in Advantech WebAccess. The vulnerability is due to lack of boundary checks while copying user-supplied data into a stack buffer within BwPSLinkZip.exe. By building a special RPC request, an attacker can cause arbitrary code execution or abnormal termination within the context of the WebAccess process.
CVE
References
MSB
BID
ExploitDB
Secunia
Security Tracker
Metasploit
ZDI
OSVDB
{}