Primary

Context

Advantech WebAccess/SCADA Unrestricted File Upload Vulnerability Allowing Remote Code Execution

Vulnerability

Patched

A vulnerability in Advantech WebAccess/SCADA exists that allows for unrestricted file uploads. This could enable an attacker to remotely execute arbitrary code. The issue is present in WebAccess/SCADA versions 8.4, 9.0, 9.1, and 9.2.

Impact

Exploitation of this vulnerability could lead to unauthorized remote code execution on the affected system.

Added: Dec 18, 2025, 9:29 PM

Updated: Dec 18, 2025, 9:29 PM

Vulnerability Rating

Custom Algorithm

spread

3.1

impact

7.5

exploitability

5.2

remediation

7.7

relevance

1.6

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

3.1

impact

7.5

exploitability

5.2

remediation

7.7

relevance

1.6

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Advantech WebAccess/SCADA Unrestricted File Upload Vulnerability Allowing Remote Code Execution

Vulnerability

Impact

Affected Products

Advantech WebAccess/SCADA

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating