What is CVE-2017-16720?

CVE-2017-16720 is a vulnerability in Advantech Webaccess, classified under Path Traversal. Published 2018-01-05.

Is CVE-2017-16720 known to be exploited?

2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Path Traversal in Advantech Webaccess

CVE-2017-16720

A Path Traversal issue was discovered in WebAccess versions 8.3.2 and earlier. An attacker has access to files within the directory structure of the target device.

Vulnerability class: Path Traversal (Directory Traversal)

EPSS: 0.503 (98.8th percentile) — read the EPSS interpretation.

Affected products

N/a Advantech Webaccess — versions Advantech WebAccess

Weakness classification (CWE)

CWE-22 — Path Traversal

Public proof-of-concept exploits

References

44278 (exploit, x_refsource_EXPLOIT-DB)
102424 (vdb-entry, x_refsource_BID)
ics-cert.us-cert.gov/advisories/ICSA-18-004-02 (x_refsource_MISC)
www.tenable.com/security/research/tra-2018-23 (x_refsource_MISC)

Frequently asked questions

What is CVE-2017-16720?: CVE-2017-16720 is a vulnerability in Advantech Webaccess, classified under Path Traversal. Published 2018-01-05.
Is CVE-2017-16720 known to be exploited?: 2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.