CVE-2018-7505

Name of the Vulnerable Software and Affected Versions Advantech WebAccess versions V8.2 20170817 and prior Advantech WebAccess versions V8.3.0 and prior Advantech WebAccess Dashboard versions V.2.0.15 and prior Advantech WebAccess Scada Node versions prior to 8.3.1 Advantech WebAccess/NMS versions 2.0.3 and prior

Description The issue allows for unrestricted file uploads to the web application without authorization, potentially enabling an attacker to execute arbitrary code.

Recommendations For Advantech WebAccess versions V8.2 20170817 and prior, update to a version later than V8.2 20170817. For Advantech WebAccess versions V8.3.0 and prior, update to a version later than V8.3.0. For Advantech WebAccess Dashboard versions V.2.0.15 and prior, update to a version later than V.2.0.15. For Advantech WebAccess Scada Node versions prior to 8.3.1, update to version 8.3.1 or later. For Advantech WebAccess/NMS versions 2.0.3 and prior, update to a version later than 2.0.3.