cve/2018/CVE-2018-15705.md

CVE-2018-15705

Description

WADashboard API in Advantech WebAccess 8.3.1 and 8.3.2 allows remote authenticated attackers to write or overwrite any file on the filesystem due to a directory traversal vulnerability in the writeFile API. An attacker can use this vulnerability to remotely execute arbitrary code.

POC

Reference

• https://www.exploit-db.com/exploits/45774/
• https://www.tenable.com/security/research/tra-2018-35

Github

• https://github.com/ARPSyndicate/cvemon
• https://github.com/lnick2023/nicenice
• https://github.com/qazbnm456/awesome-cve-poc
• https://github.com/xbl3/awesome-cve-poc_qazbnm456