Vulnerability Details CVE-2014-8388
Stack-based buffer overflow in Advantech WebAccess, formerly BroadWin WebAccess, before 8.0 allows remote attackers to execute arbitrary code via a crafted ip_address parameter in an HTML document.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 47.8%
CVSS Severity
CVSS v2 Score 7.2
References
Products affected by CVE-2014-8388
-
cpe:2.3:a:advantech:webaccess:6.0
-
cpe:2.3:a:advantech:webaccess:6.0-2007.06.05
-
cpe:2.3:a:advantech:webaccess:6.0-2007.06.12
-
cpe:2.3:a:advantech:webaccess:6.0-2007.06.18
-
cpe:2.3:a:advantech:webaccess:6.0-2007.06.25
-
cpe:2.3:a:advantech:webaccess:6.0-2007.07.09
-
cpe:2.3:a:advantech:webaccess:6.0-2007.07.12
-
cpe:2.3:a:advantech:webaccess:6.0-2007.07.24
-
cpe:2.3:a:advantech:webaccess:6.0-2007.07.27
-
cpe:2.3:a:advantech:webaccess:6.0-2007.08.01
-
cpe:2.3:a:advantech:webaccess:6.0-2007.08.09
-
cpe:2.3:a:advantech:webaccess:6.0-2007.09.05
-
cpe:2.3:a:advantech:webaccess:6.0-2007.09.06
-
cpe:2.3:a:advantech:webaccess:6.0-2007.09.10
-
cpe:2.3:a:advantech:webaccess:6.0-2007.09.16
-
cpe:2.3:a:advantech:webaccess:6.0-2007.09.26
-
cpe:2.3:a:advantech:webaccess:6.0-2007.10.05
-
cpe:2.3:a:advantech:webaccess:6.0-2007.10.16
-
cpe:2.3:a:advantech:webaccess:6.0-2007.10.18
-
cpe:2.3:a:advantech:webaccess:6.0-2007.10.30
-
cpe:2.3:a:advantech:webaccess:6.0-2007.11.05
-
cpe:2.3:a:advantech:webaccess:6.0-2007.11.08
-
cpe:2.3:a:advantech:webaccess:6.0-2007.11.12
-
cpe:2.3:a:advantech:webaccess:6.0-2007.11.27
-
cpe:2.3:a:advantech:webaccess:6.0-2007.11.29
-
cpe:2.3:a:advantech:webaccess:6.0-2007.12.06
-
cpe:2.3:a:advantech:webaccess:6.0-2007.12.10
-
cpe:2.3:a:advantech:webaccess:6.0-2008.01.14
-
cpe:2.3:a:advantech:webaccess:6.0-2008.01.17
-
cpe:2.3:a:advantech:webaccess:6.0-2008.01.21
-
cpe:2.3:a:advantech:webaccess:6.0-2008.02.14
-
cpe:2.3:a:advantech:webaccess:6.0-2008.03.04
-
cpe:2.3:a:advantech:webaccess:6.0-2008.03.05
-
cpe:2.3:a:advantech:webaccess:6.0-2008.03.06
-
cpe:2.3:a:advantech:webaccess:6.0-2008.04.08
-
cpe:2.3:a:advantech:webaccess:6.0-2008.04.28
-
cpe:2.3:a:advantech:webaccess:6.0-2008.04.29
-
cpe:2.3:a:advantech:webaccess:6.0-2008.05.12
-
cpe:2.3:a:advantech:webaccess:6.0-2008.05.14
-
cpe:2.3:a:advantech:webaccess:6.0-2008.05.15
-
cpe:2.3:a:advantech:webaccess:6.0-2008.05.21
-
cpe:2.3:a:advantech:webaccess:6.0-2008.05.29
-
cpe:2.3:a:advantech:webaccess:6.0-2008.06.03
-
cpe:2.3:a:advantech:webaccess:6.0-2008.06.06
-
cpe:2.3:a:advantech:webaccess:6.0-2008.06.23
-
cpe:2.3:a:advantech:webaccess:6.0-2008.06.25
-
cpe:2.3:a:advantech:webaccess:6.0-2008.07.01
-
cpe:2.3:a:advantech:webaccess:6.0-2008.07.18
-
cpe:2.3:a:advantech:webaccess:6.0-2008.07.29
-
cpe:2.3:a:advantech:webaccess:6.0-2008.08.03
-
cpe:2.3:a:advantech:webaccess:6.0-2008.08.26
-
cpe:2.3:a:advantech:webaccess:6.0-2008.09.12
-
cpe:2.3:a:advantech:webaccess:6.0-2008.09.23
-
cpe:2.3:a:advantech:webaccess:6.0-2008.09.29
-
cpe:2.3:a:advantech:webaccess:6.0-2008.09.30
-
cpe:2.3:a:advantech:webaccess:6.0-2008.11.03
-
cpe:2.3:a:advantech:webaccess:6.0-2008.11.06
-
cpe:2.3:a:advantech:webaccess:6.0-2008.11.07
-
cpe:2.3:a:advantech:webaccess:6.0-2008.11.12
-
cpe:2.3:a:advantech:webaccess:6.0-2008.11.14
-
cpe:2.3:a:advantech:webaccess:6.0-2008.12.30
-
cpe:2.3:a:advantech:webaccess:6.0-2009.04.02
-
cpe:2.3:a:advantech:webaccess:6.0-2009.04.09
-
cpe:2.3:a:advantech:webaccess:6.0-2009.04.12
-
cpe:2.3:a:advantech:webaccess:6.0-2009.04.27
-
cpe:2.3:a:advantech:webaccess:6.0-2009.05.14
-
cpe:2.3:a:advantech:webaccess:6.0-2009.05.27
-
cpe:2.3:a:advantech:webaccess:6.0-2009.06.03
-
cpe:2.3:a:advantech:webaccess:6.0-2009.06.08
-
cpe:2.3:a:advantech:webaccess:6.0-2009.06.09
-
cpe:2.3:a:advantech:webaccess:6.0-2009.1.06
-
cpe:2.3:a:advantech:webaccess:6.0-2009.1.14
-
cpe:2.3:a:advantech:webaccess:6.0-2009.2.10
-
cpe:2.3:a:advantech:webaccess:6.0-2009.2.18
-
cpe:2.3:a:advantech:webaccess:6.0-2009.2.3
-
cpe:2.3:a:advantech:webaccess:6.0-2009.3.10
-
cpe:2.3:a:advantech:webaccess:6.0-2009.3.24
-
cpe:2.3:a:advantech:webaccess:6.0-2009.3.29
-
cpe:2.3:a:advantech:webaccess:6.0-2009.4.01
-
cpe:2.3:a:advantech:webaccess:7-2009.10.13
-
cpe:2.3:a:advantech:webaccess:7.0
-
cpe:2.3:a:advantech:webaccess:7.0-2009.06.29
-
cpe:2.3:a:advantech:webaccess:7.0-2009.07.21
-
cpe:2.3:a:advantech:webaccess:7.0-2009.08.03
-
cpe:2.3:a:advantech:webaccess:7.0-2009.08.13
-
cpe:2.3:a:advantech:webaccess:7.0-2009.08.14
-
cpe:2.3:a:advantech:webaccess:7.0-2009.11.16
-
cpe:2.3:a:advantech:webaccess:7.0-2010.02.24
-
cpe:2.3:a:advantech:webaccess:7.0-2010.05.10
-
cpe:2.3:a:advantech:webaccess:7.0-2010.06.08
-
cpe:2.3:a:advantech:webaccess:7.0-2010.07.02
-
cpe:2.3:a:advantech:webaccess:7.0-2010.07.16
-
cpe:2.3:a:advantech:webaccess:7.0-2010.08.10
-
cpe:2.3:a:advantech:webaccess:7.0-2010.08.17
-
cpe:2.3:a:advantech:webaccess:7.0-2010.09.02
-
cpe:2.3:a:advantech:webaccess:7.0-2010.09.30
-
cpe:2.3:a:advantech:webaccess:7.0-2010.11.10
-
cpe:2.3:a:advantech:webaccess:7.0-2011.01.11
-
cpe:2.3:a:advantech:webaccess:7.0-2011.01.26
-
cpe:2.3:a:advantech:webaccess:7.0-2011.05.23
-
cpe:2.3:a:advantech:webaccess:7.0-2011.08.27
-
cpe:2.3:a:advantech:webaccess:7.0-2011.12.20
-
cpe:2.3:a:advantech:webaccess:7.0-2012.03.02
-
cpe:2.3:a:advantech:webaccess:7.0-2012.03.08
-
cpe:2.3:a:advantech:webaccess:7.0-2012.03.18
-
cpe:2.3:a:advantech:webaccess:7.0-2012.03.29
-
cpe:2.3:a:advantech:webaccess:7.0-2012.05.21
-
cpe:2.3:a:advantech:webaccess:7.0-2012.06.02
-
cpe:2.3:a:advantech:webaccess:7.0-2012.06.29
-
cpe:2.3:a:advantech:webaccess:7.0-2012.09.12
-
cpe:2.3:a:advantech:webaccess:7.0-2012.09.13
-
cpe:2.3:a:advantech:webaccess:7.0-2012.10.31
-
cpe:2.3:a:advantech:webaccess:7.0-2012.11.29
-
cpe:2.3:a:advantech:webaccess:7.0-2012.12.05
-
cpe:2.3:a:advantech:webaccess:7.0-2012.12.10
-
cpe:2.3:a:advantech:webaccess:7.0-2013.01.02
-
cpe:2.3:a:advantech:webaccess:7.0-2013.01.08
-
cpe:2.3:a:advantech:webaccess:7.0-2013.01.17
-
cpe:2.3:a:advantech:webaccess:7.0-2013.01.21
-
cpe:2.3:a:advantech:webaccess:7.1
-
cpe:2.3:a:advantech:webaccess:7.1-2013.04.01
-
cpe:2.3:a:advantech:webaccess:7.2