RPC: Advantech WebAccess webvrpcs Arbitrary File Deletion

This signature detects attempts to exploit arbitrary file deletion vulnerability in Advantech WebAccess. Successful exploitation results in the deletion of arbitrary files from the target system.

Extended Description

In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and WebAccess/NMS 2.0.3 and prior, an external control of file name or path vulnerability has been identified, which may allow an attacker to delete files.

Affected Products

Advantech webaccess

References

CVE: CVE-2018-7495

Short Name
RPC:DCERPC:ARB-FILE-DEL
Severity
Major
Recommended
True
Recommended Action
Drop
Category
RPC
Keywords
Advantech Arbitrary CVE-2018-7495 Deletion File WebAccess webvrpcs
Release Date
08/14/2018
Supported Platforms

srx-branch-19.3

vsrx3bsd-19.2

srx-19.4

vsrx3bsd-19.4

srx-branch-19.4

vsrx-19.4

vsrx-19.2

srx-19.3

srx-branch-12.3

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx-12.3

vmx-19.3

srx-12.3

Sigpack Version
3773
False Positive
Unknown
Vendors

Advantech

CVSS Score

6.4

Found a potential security threat?