SB2012022101 - Multiple vulnerabilities in Advantech WebAccess 

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2012022101

SB2012022101 - Multiple vulnerabilities in Advantech WebAccess

Published: February 21, 2012 Updated: August 11, 2020

Security Bulletin ID SB2012022101
Severity
High
Patch available
NO
Number of vulnerabilities 20
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

High 35% Medium 35% Low 30%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 20 secuirty vulnerabilities.


1) Cross-site request forgery (CVE-ID: CVE-2012-0235)

The vulnerability allows a remote attacker to perform cross-site request forgery attacks.

The vulnerability exists due to insufficient validation of the HTTP request origin. A remote attacker can trick the victim to visit a specially crafted web page and perform arbitrary actions on behalf of the victim on the vulnerable website.


2) Information disclosure (CVE-ID: CVE-2012-0236)

The vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.

Advantech/BroadWin WebAccess 7.0 and earlier allows remote attackers to obtain sensitive information via a direct request to a URL. NOTE: the vendor reportedly "does not consider it to be a security risk."


3) Buffer overflow (CVE-ID: CVE-2012-0237)

The vulnerability allows a remote non-authenticated attacker to manipulate or delete data.

Advantech/BroadWin WebAccess before 7.0 allows remote attackers to (1) enable date and time syncing or (2) disable date and time syncing via a crafted URL.


4) Stack-based buffer overflow (CVE-ID: CVE-2012-0238)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing unspecified vectors. A remote unauthenticated attacker can trigger stack-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.


5) Improper Authentication (CVE-ID: CVE-2012-0239)

The vulnerability allows a remote non-authenticated attacker to manipulate data.

uaddUpAdmin.asp in Advantech/BroadWin WebAccess before 7.0 does not properly perform authentication, which allows remote attackers to modify an administrative password via a password-change request.


6) Improper Authentication (CVE-ID: CVE-2012-0240)

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

GbScriptAddUp.asp in Advantech/BroadWin WebAccess before 7.0 does not properly perform authentication, which allows remote attackers to execute arbitrary code via unspecified vectors.


7) Buffer overflow (CVE-ID: CVE-2012-0241)

The vulnerability allows a remote non-authenticated attacker to perform service disruption.

Advantech/BroadWin WebAccess before 7.0 allows remote attackers to cause a denial of service (memory corruption) via a modified stream identifier to a function.


8) Format string error (CVE-ID: CVE-2012-0242)

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

Format string vulnerability in Advantech/BroadWin WebAccess before 7.0 allows remote attackers to execute arbitrary code via format string specifiers in a message string.


9) Buffer overflow (CVE-ID: CVE-2012-0243)

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

Buffer overflow in an ActiveX control in bwocxrun.ocx in Advantech/BroadWin WebAccess before 7.0 allows remote attackers to execute arbitrary code by leveraging the ability to write arbitrary content to any pathname.


10) SQL injection (CVE-ID: CVE-2012-0244)

The vulnerability allows a remote attacker to execute arbitrary SQL queries in database.

The vulnerability exists due to insufficient sanitization of user-supplied data. A remote attacker can send a specially crafted request to the affected application and execute arbitrary SQL commands within the application database.

Successful exploitation of this vulnerability may allow a remote attacker to read, delete, modify data in database and gain complete control over the affected application.


11) SQL injection (CVE-ID: CVE-2012-1234)

The vulnerability allows a remote attacker to execute arbitrary SQL queries in database.

The vulnerability exists due to insufficient sanitization of user-supplied data in a malformed URL. NOTE: this vulnerability exists due to an incomplete fix for CVE-2012-0234. A remote attacker can send a specially crafted request to the affected application and execute arbitrary SQL commands within the application database.

Successful exploitation of this vulnerability may allow a remote attacker to read, delete, modify data in database and gain complete control over the affected application.


12) Cross-site request forgery (CVE-ID: CVE-2012-1235)

The vulnerability allows a remote attacker to perform cross-site request forgery attacks.

The vulnerability exists due to insufficient validation of the HTTP request origin. A remote attacker can trick the victim to visit a specially crafted web page and perform arbitrary actions on behalf of the victim on the vulnerable website.


13) Buffer overflow (CVE-ID: CVE-2011-4524)

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

Buffer overflow in Advantech/BroadWin WebAccess before 7.0 allows remote attackers to execute arbitrary code via a long string value in unspecified parameters.


14) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2011-4525)

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

Advantech/BroadWin WebAccess before 7.0 allows remote attackers to trigger the extraction of arbitrary web content into a batch file on a client system, and execute this batch file, via unspecified vectors.


15) Buffer overflow (CVE-ID: CVE-2011-4526)

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

Buffer overflow in an ActiveX control in Advantech/BroadWin WebAccess before 7.0 might allow remote attackers to execute arbitrary code via a long string value in unspecified parameters.


16) Cross-site scripting (CVE-ID: CVE-2012-0233)

Vulnerability allows a remote attacker to perform XSS attacks.

The vulnerability is caused by an input validation error in Advantech/BroadWin WebAccess before 7.0. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in victim's browser in security context of vulnerable website.

Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.


17) SQL injection (CVE-ID: CVE-2012-0234)

The vulnerability allows a remote attacker to execute arbitrary SQL queries in database.

The vulnerability exists due to insufficient sanitization of user-supplied data. A remote attacker can send a specially crafted request to the affected application and execute arbitrary SQL commands within the application database.

Successful exploitation of this vulnerability may allow a remote attacker to read, delete, modify data in database and gain complete control over the affected application.


18) SQL injection (CVE-ID: CVE-2011-4521)

The vulnerability allows a remote attacker to execute arbitrary SQL queries in database.

The vulnerability exists due to insufficient sanitization of user-supplied data. A remote attacker can send a specially crafted request to the affected application and execute arbitrary SQL commands within the application database.

Successful exploitation of this vulnerability may allow a remote attacker to read, delete, modify data in database and gain complete control over the affected application.


19) Cross-site scripting (CVE-ID: CVE-2011-4522)

Vulnerability allows a remote attacker to perform Cross-site scripting attacks.

An input validation error exists in bwerrdn.asp in Advantech/BroadWin WebAccess before 7.0. A remote authenticated attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in victim's browser in security context of vulnerable website.

Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.


20) Cross-site scripting (CVE-ID: CVE-2011-4523)

Vulnerability allows a remote attacker to perform Cross-site scripting attacks.

An input validation error exists in bwview.asp in Advantech/BroadWin WebAccess before 7.0. A remote authenticated attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in victim's browser in security context of vulnerable website.

Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.


Remediation

Cybersecurity Help is not aware of any official remediation provided by the vendor.

References