Short Name |
HTTP:DIR:CVE-2018-15706-IN-DIS |
---|---|
Severity |
Minor |
Recommended |
Yes |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
Advantech WebAccess SCADA WADashboard readFile Directory Traversal |
Release Date |
2018/11/26 |
Update Number |
3120 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
This signature detects attempts to exploit a known vulnerability against Advantech WebAccess SCADA WADashboard. Successful exploitation could lead to the disclosure of information.
WADashboard API in Advantech WebAccess 8.3.1 and 8.3.2 allows remote authenticated attackers to read any file on the filesystem due to a directory traversal vulnerability in the readFile API.