CVE-2014-2367

CVE-2014-2367: Advantech WebAccess Authentication Bypass Issues

Vendor Advantech
Product WebAccess
Weakness CWE-592
Published July 19, 2014
Last update October 6, 2025

CVSS base score

What the vulnerability does

01Description

The ChkCookie subroutine in an ActiveX control in broadweb/include/gChkCook.asp in Advantech WebAccess before 7.2 allows remote attackers to read arbitrary files via a crafted call.

Key dates

02Disclosure timeline

July 19, 2014 CVE published
October 6, 2025 Record updated