Intrusion Prevention



This indicates an attack attempt to exploit a SQL Injection Vulnerability in Advantech WebAccess.
The vulnerability is due to an error in the vulnerable application when handling a maliciously crafted request. A remote attacker may be able to exploit this to execute arbitrary code within the context of the application, via a crafted request.

Affected Products

Advantech WebAccess prior to 8.2_20170817


System Compromise: Remote attackers can add, view, delete or modify data in the database of the affected application

Recommended Actions

Upgrade to the latest version available from the website (registration required).

CVE References