CVE-2014-0766

An attacker can exploit this vulnerability by copying an overly long NodeName2 argument into a statically sized buffer on the stack to overflow the static stack buffer. An attacker may use this vulnerability to remotely execute arbitrary code.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:advantech:advantech_webaccess:*:*:*:*:*:*:*:*
cpe:2.3:a:advantech:advantech_webaccess:5.0:*:*:*:*:*:*:*
cpe:2.3:a:advantech:advantech_webaccess:6.0:*:*:*:*:*:*:*
cpe:2.3:a:advantech:advantech_webaccess:7.0:*:*:*:*:*:*:*

History

19 Sep 2025, 20:15

Type Values Removed Values Added
CWE CWE-121
Summary (en) Stack-based buffer overflow in Advantech WebAccess before 7.2 allows remote attackers to execute arbitrary code via a long NodeName2 argument. (en) An attacker can exploit this vulnerability by copying an overly long NodeName2 argument into a statically sized buffer on the stack to overflow the static stack buffer. An attacker may use this vulnerability to remotely execute arbitrary code.
References
  • () http://webaccess.advantech.com/ -
  • () http://www.securityfocus.com/bid/66740 -
  • () https://www.cisa.gov/news-events/ics-advisories/icsa-14-079-03 -

21 Nov 2024, 02:02

Type Values Removed Values Added
References () http://ics-cert.us-cert.gov/advisories/ICSA-14-079-03 - Third Party Advisory, US Government Resource () http://ics-cert.us-cert.gov/advisories/ICSA-14-079-03 - Third Party Advisory, US Government Resource
References () http://www.securityfocus.com/bid/66725 - () http://www.securityfocus.com/bid/66725 -

Information

Published : 2014-04-12 04:37

Updated : 2025-09-19 20:15


NVD link : CVE-2014-0766

Mitre link : CVE-2014-0766

CVE.ORG link : CVE-2014-0766


JSON object : View

Products Affected

advantech

  • advantech_webaccess
CWE
CWE-121

Stack-based Buffer Overflow

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer