3 matches found
Advantech iView deleteZtpConfig SQL Injection (CVE-2021-32932)
A SQL injection vulnerability exists in the Advantech iView. The vulnerability is due to improper validation of user-supplied input when processing the request in method in Java class...
CVE-2021-32932
The affected product is vulnerable to a SQL injection, which may allow an unauthorized attacker to disclose information on the iView versions prior to v5.7.03.6182...
CVE-2021-32932
CVE-2021-32932 affects Advantech iView. A SQL injection flaw exists in multiple iView endpoints (e.g., setDeviceAuthentication, saveZtpConfig, getInventoryReportData, getNextTrapPage) due to improper input validation, enabling disclosure of information to unauthenticated remote attackers. Impact ...