Intrusion Prevention

Advantech.Absolute.Path.Request.Information.Disclosure

Description

This indicates an attack attempt against a Information Disclosure vulnerability in Advantech/BroadWin WebAccess.
The vulnerability is caused by an error when the vulnerable software handles the malicious http request. It allows a remote attacker to gain sensitive information via a crafted HTTP request.

Affected Products

Advantech/BroadWin WebAccess 7.0

Impact

Information Disclosure: Remote attackers can gain sensitive information from vulnerable systems.

Recommended Actions

Currently we are unaware of any vendor supplied patch for this issue.

CVE References

CVE-2012-0236