VYPR
Unrated severityNVD Advisory· Published Jun 7, 2023· Updated Jan 16, 2025

Advantech WebAccess Insufficient Type Distinction

CVE-2023-2866

Description

If an attacker can trick an authenticated user into loading a maliciously crafted .zip file onto Advantech WebAccess version 8.4.5, a web shell could be used to give the attacker full control of the SCADA server.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Advantech/Webaccessllm-fuzzy2 versions
    =8.4.5+ 1 more
    • (no CPE)range: =8.4.5
    • (no CPE)range: 8.4.5

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.