2 matches found
Advantech iView UserServlet SQL Injection (CVE-2021-22658)
A SQL injection vulnerability exists in the Advantech iView. The vulnerability is due to improper validation of user-supplied input when processing the request in UserServlet Java class...
CVE-2021-22658
Advantech iView is affected by CVE-2021-22658 (SQL Injection) on versions prior to 5.7.03.6112. The vulnerability arises in UserServlet processing, enabling an attacker to escalate to Administrator. Multiple connected sources confirm the issue and link it to privilege escalation via unsafely cons...