Description
The ChkCookie subroutine in an ActiveX control in broadweb/include/gChkCook.asp in Advantech WebAccess before 7.2 allows remote attackers to read arbitrary files via a crafted call.
Affected products
- Advantech / WebAccess0 – 7.1
- Advantech / WebAccess7.2 – 7.2