This script is Copyright (C) 2016-2017 Tenable Network Security, Inc.
The remote host has a web application that is affected by a file
The Advantech WebAccess web server running on the remote host is
affected by a file disclosure vulnerability in the WebAccess Dashboard
Viewer due to a failure to properly sanitize user-supplied input to
the openWidget script. An unauthenticated, remote attacker can exploit
this, via path traversal, to read the content of arbitrary files on
the WebAccess server.
Note that this Advantech WebAccess web server is reportedly affected
by other vulnerabilities as well; however, Nessus has not tested for
See also :
Upgrade to Advantech WebAccess version 8.1-2015.12.30 or later.
Risk factor :
Medium / CVSS Base Score : 5.0