Critical severity9.8NVD Advisory· Published Feb 13, 2017· Updated May 13, 2026

CVE-2017-5154

Description

An issue was discovered in Advantech WebAccess Version 8.1. To be able to exploit the SQL injection vulnerability, an attacker must supply malformed input to the WebAccess software. Successful attack could result in administrative access to the application and its data files.

Affected products

Advantech/Webaccess
cpe:2.3:a:advantech:webaccess:8.1:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.securityfocus.com/bid/95410nvdThird Party AdvisoryVDB Entry
ics-cert.us-cert.gov/advisories/ICSA-17-012-01nvdMitigationThird Party AdvisoryUS Government Resource
www.tenable.com/security/research/tra-2017-04nvd

News mentions

No linked articles in our index yet.

cvss	0.637
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000