This module exploits an arbitrary file upload vulnerability in Advantech WebAccess. The specific flaw exists within the WebAccess Dashboard Viewer. Insufficient validation within the FileUpload script allows unauthenticated callers to upload arbitrary code to directories in the server where the code can be automatically executed under the high-privilege context of the IIS AppPool.
Authentication is not required to exploit this vulnerability.
Authentication is not required to exploit this vulnerability.
CVE Link
Exploit Type - Old
Exploits/Remote
Exploit Platform
Product Name