Advantech WebAccess 8.3.4 does not properly restrict an RPC call that allows unauthenticated, remote users to read files. An attacker can use this vulnerability to recover the administrator password.Referenceshttps://www.tenable.com/security/research/tra-2019-15
