upAdminPg.asp in Advantech WebAccess before 7.2 allows remote authenticated users to discover credentials by reading HTML source code. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Information Disclosure
Advantech Webaccess
NVD
CVSS 2.0
9.0
EPSS
0.2%