The function 'processHeaderConfig' is vulnerable to command injection due to lack of validation in the HTTP headers that process as argument. This module exploits this vulneravility to install an agent

Advantech WebAccess is prone to a remote vulnerability that allows attackers to execute commands under the context of de program user.

Advantech WebAccess is prone to a buffer overflow vulnerability on the RPC interface that could permit the execution of arbitrary remote code. A remote attacker can exploit this vulnerability to execute arbitrary code and completely compromise the computer.

The specific flaw exists within bwnodeip.exe, which is accessed through the 70022 IOCTL in the webvrpcs process. The process does not properly validate the length of user-supplied data prior to copying it to a fixed-length buffer.

The specific flaw exists within bwnodeip.exe, which is accessed through the 0x2711 IOCTL in the webvrpcs process. The process does not properly validate the length of user-supplied data prior to copying it to a fixed-length buffer.

This vulnerability allows local attackers to escalate privileges on vulnerable installations of VirIT eXplorer Anti-Virus. An attacker must first obtain the ability to execute non-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the processing of crafted IOCTL by the VIAGLT64.SYS kernel driver. The issue lies in the failure to properly validate user-supplied data which can result in an arbitrary write condition. An attacker can leverage this vulnerability to execute arbitrary code under the context of kernel. This module will elevate the privileges of the current agent instead of installing a new one.

The user can write 0 where he wants. This can be used to write SecurityDescriptor and write system processes.

An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory.

An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory.

An elevation of privilege vulnerability exists when Windows improperly handles calls to Advanced Local Procedure Call (ALPC).An attacker who successfully exploited this vulnerability could run arbitrary code in the security context of the local system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.