4 matches found
Advantech iView ConfigurationServlet SQLi (CVE-2022-3323)
Binary data scadaadvantechiviewcve-2022-3323.nbin...
CVE-2022-3323
An SQL injection vulnerability in Advantech iView 5.7.04.6469. The specific flaw exists within the ConfigurationServlet endpoint, which listens on TCP port 8080 by default. An unauthenticated remote attacker can craft a special columnvalue parameter in the setConfiguration action to bypass checks...
CVE-2022-3323
Advantech iView 5.7.04.6469 (and prior) is affected by an SQL injection in the ConfigurationServlet endpoint (port 8080 by default). An unauthenticated attacker can craft a special column_value in setConfiguration to bypass CUtils.checkSQLInjection() and disclose data, including the admin passwor...
CVE-2022-3323
An SQL injection vulnerability in Advantech iView 5.7.04.6469. The specific flaw exists within the ConfigurationServlet endpoint, which listens on TCP port 8080 by default. An unauthenticated remote attacker can craft a special columnvalue parameter in the setConfiguration action to bypass checks...