Summary
This host is running Advantech WebAccess and is prone to multiple vulnerabilities.
Impact
Successful exploitation will allow attackers to conduct SQL injection attacks, bypass certain security restrictions, and compromise a user's system.
Impact Level: Application
Solution
Upgrade to Advantech WebAccess 7.2 or later,
For updates refer to http://webaccess.advantech.com
Insight
- Certain input related to some SOAP requests is not properly sanitised within the DBVisitor.dll component before being used in a SQL query.
- Multiple boundary errors within the webvact.ocx ActiveX control when handling GotoCmd, NodeName2, AccessCode, UserName, and NodeName strings can be exploited to cause stack-based buffer overflows.
- A boundary error within the webvact.ocx ActiveX control when handling the AccessCode2 string can be exploited to cause a stack-based buffer overflow.
- Two errors within the 'OpenUrlToBuffer()' and 'OpenUrlToBufferTimeout()' methods of the BWOCXRUN.BwocxrunCtrl.1 ActiveX control can be exploited to disclose contents of arbitrary local or network resources.
- An error within the 'CreateProcess()' method of the BWOCXRUN.BwocxrunCtrl.1 ActiveX control can be exploited to bypass the intended restrictions and subsequently execute arbitrary code.
Affected
Advantech WebAccess before 7.2
Detection
Get the installed version of Advantech WebAccess with the help of detect NVT and check the version is vulnerable or not.
References
Severity
Classification
-
CVE CVE-2014-0763, CVE-2014-0764, CVE-2014-0765, CVE-2014-0766, CVE-2014-0767, CVE-2014-0768, CVE-2014-0770, CVE-2014-0771, CVE-2014-0772, CVE-2014-0773 -
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- Adobe ColdFusion Information Disclosure Vulnerability
- Atlassian JIRA Privilege Escalation and Multiple Cross Site Scripting Vulnerabilities
- Assesi 'bg' Parameter SQL Injection vulnerability
- AjaxPortal 'di.php' File Inclusion Vulnerability
- AlienVault OSSIM SQL Injection and Remote Code Execution Vulnerabilities