What is CVE-2014-0770?

CVE-2014-0770 is a vulnerability in Advantech Advantech_webaccess, classified under Stack-based Buffer Overflow. Published 2014-04-12.

Is CVE-2014-0770 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Buffer overflow in Advantech Advantech_webaccess

CVE-2014-0770

By providing an overly long string to the UserName parameter, an attacker may be able to overflow the static stack buffer. The attacker may then execute code on the target device remotely.

Vulnerability class: Buffer Overflow

EPSS: 0.011 (78.2th percentile) — read the EPSS interpretation.

Affected products

Advantech Advantech_webaccess — versions 5.0, 6.0, 7.0
Advantech Webaccess — versions 7.2, 0

Weakness classification (CWE)

Public proof-of-concept exploits

ARPSyndicate/cve-scores

References

ics-cert@hq.dhs.gov
66740 (vdb-entry, x_refsource_BID)
ics-cert@hq.dhs.gov
af854a3a-2127-422b-91ae-364da2661108 (US Government Resource)

Frequently asked questions

What is CVE-2014-0770?: CVE-2014-0770 is a vulnerability in Advantech Advantech_webaccess, classified under Stack-based Buffer Overflow. Published 2014-04-12.
Is CVE-2014-0770 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.