Advantech WebAccess webvrpcs.exe Path Traversal RCE

Critical Nessus Plugin ID 117360


The remote host is running a web application that is affected by a path traversal vulnerability.


The Advantech WebAccess/SCADA Network Service (webvrpcs.exe) running on the remote host is affected by a path traversal vulnerability due to the failure to properly validate user-supplied input when processing a DCERPC request. An unauthenticated, remote attacker can exploit this, via a series of crafted requests, to execute arbitrary code.

Note that this vulnerability is supposedly fixed in WebAccess version 8.3, but it appears that versions 8.3.1 and 8.3.2 are still vulnerable.


Contact the vendor for a solution.

Plugin Details

Severity: Critical

ID: 117360

File Name: scada_advantech_webaccess_cve-2017-16720.nbin

Version: 1.3

Type: remote

Family: SCADA

Published: 2018/09/10

Modified: 2018/11/15

Dependencies: 117361

Risk Information

Risk Factor: Critical

CVSS Score Source: manual

CVSS Score Rationale: Unauthenticated RCE is achievable with the default configuration, in the context of administrator.

CVSS v2.0

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS v3.0

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Vulnerability Information

CPE: cpe:/a:advantech:webaccess

Exploited by Nessus: true

Vulnerability Publication Date: 2018/01/04

Reference Information

CVE: CVE-2017-16720

BID: 102424

ICSA: 18-004-02A

ZDI: ZDI-18-024

TRA: TRA-2018-23