E20-9se31
CVSS:
6.4 (AV:N/AC:L/Au:N/C:N/I:P/A:P)
False Positive:
t
Variants:
1
Year:
2020
Description
An arbitrary file overwrite vulnerability has been identified in Advantech WebAccess NMS. The vulnerability is caused by the lack of proper input sanitisation on file paths within saveBackground servlet. The vulnerability can be exploited by sending a specially-crafted request, allowing the attacker to delete arbitrary files.