CVE-2014-2368

CVE-2014-2368: Advantech WebAccess Unsafe ActiveX Control Marked Safe For Scripting

Vendor Advantech
Product WebAccess
Weakness CWE-623
Published July 19, 2014
Last update October 6, 2025

CVSS base score

What the vulnerability does

01Description

The BrowseFolder method in the bwocxrun ActiveX control in Advantech WebAccess before 7.2 allows remote attackers to read arbitrary files via a crafted call.

Key dates

02Disclosure timeline

July 19, 2014 CVE published
October 6, 2025 Record updated